Resubmissions

  • 27-04-2024 22:30

    240427-2e6b3aac8y 10

  • 27-04-2024 22:14

    240427-15m3qsaa31 10

General

  • Target

    l0xmdpqk.ylw.bin.exe

  • Size

    227KB

  • MD5

    7f32dcbb00de079c31ff7895ae9c0560

  • SHA1

    e80841a355b8dce9955b9bbba63f02a4ad31a836

  • SHA256

    5658f42d6332d99827d772a710d74e905f822d23e958c86f802973c2cffe850f

  • SHA512

    776cabc7d2442d90655eec0f434c811146b7f569dbace3c8609a582c167af5990ec25d1d7a8eb111744cecbdcd43d37af7d623eb97eb414ad926371083f7aadc

  • SSDEEP

    6144:bloZM+9EB1/SqctonEPfCqAu0+prdmK13Up7a6rhgj8e1m5l:5oZQdSqcwvu0+prdmK13Up7a6rhQM

Score

10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1230863499496783923/A02kDLEw6wbN8ixBXQtfYqly_yrSOMARWe64V1_a5LlUVAnlyyQj7Axye820VBzQV8HJ

Signatures

  • Detect Umbral payload 1 IoCs
  • Umbral family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • l0xmdpqk.ylw.bin.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744