General

  • Target

    628d7cd6016b226c4e5e5252b29dc89e42d30ffebfb489e36857079aad591ce6.exe

  • Size

    232KB

  • MD5

    afbe250f9d941daf1fc895e29d0b2821

  • SHA1

    9aeaa55efa56702a0c2694ff2de3a5c6df7b03ac

  • SHA256

    628d7cd6016b226c4e5e5252b29dc89e42d30ffebfb489e36857079aad591ce6

  • SHA512

    177ddc51032af306d32c0826efddfa3be5e68621b440be764fba7ad37fd982fb58d7e902e4eb258fe50bbd236f82457e45e7d12a885c78314b304e72fb0f2c94

  • SSDEEP

    6144:tloZMDXU9Zx0kt8X0/PSCsMpwpf3tW+x5R0STTKN0b8e1mKISi:voZnf0kkPQwpf3tW+x5R0STTKm2

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://canary.discord.com/api/webhooks/1236998752988823573/NsiSmSiQW8IAMjpG8SIg_6Zkfz_FbtFHloBWpL6PbxmkMA2TAyh0tCrgXWEmC3ZyASfA

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 628d7cd6016b226c4e5e5252b29dc89e42d30ffebfb489e36857079aad591ce6.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
