General
-
Target
12eab714a3f392af46c79bb9eb28155b97d6456350f40f8b85b630de71c5c57c
-
Size
228KB
-
Sample
240319-wd84nsab65
-
MD5
cd60f2c4d6616cf3e5785c07526be795
-
SHA1
cc463a67d382c6bc11a05d1bfe41031b64d2c39c
-
SHA256
12eab714a3f392af46c79bb9eb28155b97d6456350f40f8b85b630de71c5c57c
-
SHA512
d255801159dfaf6c3f1d2cc19c9fab3421e04fff84aa2078043745d69a026cebf0dc6e8080174182f555cfe34b755035c0d2adfeeb322e0ff708a4d577c21536
-
SSDEEP
6144:MloZMzrIkd8g+EtXHkv/iD4IB2kxfEY3Omfh8ItUlLb8e1muyi:KoZcL+EP8IB2kxfEY3Omfh8ItUlP
Behavioral task
behavioral1
Sample
12eab714a3f392af46c79bb9eb28155b97d6456350f40f8b85b630de71c5c57c.exe
Resource
win7-20240221-en
Malware Config
Extracted
umbral
https://discord.com/api/webhooks/1217801123927162921/dgMvVtiWuB8DS8tdYGE33IGFk9YmbGNpXPqXFPoCA8ikryGBR6W28cmbr1v_cxCZqdBI
Targets
-
-
Target
12eab714a3f392af46c79bb9eb28155b97d6456350f40f8b85b630de71c5c57c
-
Size
228KB
-
MD5
cd60f2c4d6616cf3e5785c07526be795
-
SHA1
cc463a67d382c6bc11a05d1bfe41031b64d2c39c
-
SHA256
12eab714a3f392af46c79bb9eb28155b97d6456350f40f8b85b630de71c5c57c
-
SHA512
d255801159dfaf6c3f1d2cc19c9fab3421e04fff84aa2078043745d69a026cebf0dc6e8080174182f555cfe34b755035c0d2adfeeb322e0ff708a4d577c21536
-
SSDEEP
6144:MloZMzrIkd8g+EtXHkv/iD4IB2kxfEY3Omfh8ItUlLb8e1muyi:KoZcL+EP8IB2kxfEY3Omfh8ItUlP
-
Detect Umbral payload
-
Detects executables attemping to enumerate video devices using WMI
-
Detects executables containing possible sandbox analysis VM names
-
Detects executables containing possible sandbox analysis VM usernames
-
Detects executables containing possible sandbox system UUIDs
-