General

  • Target

    Pookies Bypasser.exe

  • Size

    229KB

  • MD5

    5dcae9f331eabd47b8a078fad0f812c8

  • SHA1

    39baa462feac529cc7d907a9bc7028444748992e

  • SHA256

    6594aa4b2efc8137b453fe978ae2ff5ae6f055e4d79539fa4804933e208ffdf4

  • SHA512

    3ae8037c1bb7e48a2e0d1d8a06faba35bd998c6dda8f5c8dbe8a7cfae51e8c5f8ce6da3ba379a8690549a6bb5b2c9ef05b703aa34eaeabdc9ebb952dc083d756

  • SSDEEP

    6144:VloZM+rIkd8g+EtXHkv/iD4S2eNiAfboSxUyzzqbKb8e1mri:3oZtL+EP8S2eNiAfboSxUyzzqyZ

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1238573290897805363/rEn2kuwhqAY8-wzK_hJfcoX6uIKlS9BrmN1CZytvMBmT8owPn9R_GNCKYmm1J867GYYX

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Pookies Bypasser.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

