General

  • Target

    FSEC X 752 TOOL.exe

  • Size

    227KB

  • MD5

    30f6361bf0632cf57b04fd68a32ee211

  • SHA1

    30764f71ec9e1e21554552e87d59c36efbdea029

  • SHA256

    cf52a0f797b3cf09efe31dd9c9813775f2572873cd00d81461fab253beec88c2

  • SHA512

    05685511ebaeb5d9b7dabbb5ca95847d4ff47511e702f30d9e06658c231dd0b2a642386d633dbc376847b0bab6b5334191ee6d3158d49d91ae46c6490cbba684

  • SSDEEP

    6144:eloZM+rIkd8g+EtXHkv/iD4QROULfVeGJuMFXSy3AZb8e1mzei:IoZtL+EP8QROULfVeGJuMFXSy3cY

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1149102941656076358/ppQxTmck5fkRAVugj7yp_4oiFpeDKHVWUr3fIDtqrqH62waOPlyKshGn2uAwutjSSJ_X

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • FSEC X 752 TOOL.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

