General

  • Target

    ClientBetaNew.exe

  • Size

    229KB

  • MD5

    e7fca17393a9f4cb9ccb2f65fc2bb214

  • SHA1

    cef26fa30e3f68d85ab923beecc0cd0dbfa2a720

  • SHA256

    499282fecf90d5dcdf2b01ca4413c37477ec17b6068b43300dfeaefa1fb50978

  • SHA512

    303fe673e0d12410010971fb15ae58751948a7e0fb559e97acf5c73df0a7987dc8d423d59ebdfdfee79ef2696795ecf78543dcb74bebf6073a65229a2d24b80a

  • SSDEEP

    6144:9loZM+rIkd8g+EtXHkv/iD4rzQumkrHM99YW3X2gyb8e1mtzi:foZtL+EP8rzQumkrHM99YW3X23Ie

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1228961158032261151/x5bALpkiKWNhez1S3tpx6EU3KWmw4QhC3ZYLfNmj5sJalr62XbwIXFICAAfVJYroxbhu

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • ClientBetaNew.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

