General
-
Target
clean.exe
-
Size
229KB
-
MD5
afc4798057dd3b9a73225e98546c6e72
-
SHA1
af1a74d8c7be3f1f95fd9e7d6ebfad0fdd105645
-
SHA256
ec4b26011b3dbc1ee514189ca764e73ce7c2acc7a7f6e9cfa8190c8151484ab7
-
SHA512
577469a498352b6557941cd9db8ef13711758870b6fa385ae9b9eaec3ad0b786ec6c50a4413d786a75c1af1e5bf3b2673bc8aacb71d539a70ae116ea4bc27ef8
-
SSDEEP
6144:lloZM9rIkd8g+EtXHkv/iD4lSHJxfEY3umfh8Iti+b8e1m+di:noZmL+EP8lSHJxfEY3umfh8ItZF0
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1233850910241849455/YwI9ixeDGi2xRIP3UmPgFRxqoW4Bu530Wk7lWFd3ryPjMCgvOFBE-AU6ClHOiWyEnMrV
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
clean.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections