General

  • Target

    RagdollEngines.exe

  • Size

    229KB

  • MD5

    200c41d8aed55fb8062af370c6baa50c

  • SHA1

    910bfcccb5411675f5bdbe58166c36b51cfb00d6

  • SHA256

    aa674c3b1a3b9ac2b03dbbfa6d862a18aabb1d8b7886d984e84b5470fb1871f8

  • SHA512

    a6a8f2f361ef056daf2c91c95ed99724369f096841bf2b4d4be615da5a0fcd9b5f2950e5e6adcdb8c1a387ddbdc31bc102962e2f743f31aa0b61cd2eafcd3de0

  • SSDEEP

    6144:dloZM+rIkd8g+EtXHkv/iD4SuiRz2U7X8VtoGnnGMRb8e1m3Nlxi:/oZtL+EP8SuiRz2U7X8VtoGnnGU/

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1238064255551537152/dAGDfs9_ZhJJBM4RogAdkdeJxayjPxBYnUMHnTIjgFzWcZKbkYasYigM8hdLaHHbn4XK

Signatures

  • Detect Umbral payload 1 IoCs
  • Umbral family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • RagdollEngines.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

    Headers

    Imports

    Sections