General

  • Target: Umbral.exe
  • Size: 229KB
  • MD5: 518a530502d5793fddad2cf074af8850
  • SHA1: 6ff6542721e9cf284129daf442c193911dda8367
  • SHA256: c9284451e9c756e38ee65feed1db743bc535066136851e71c707402607e06501
  • SHA512: 232768823683c549468b0a11122a4c4831d528ad5861f1930714d9c7840405ac3fb145e7a8d85a3b14d6f92d93e41be692176755fb590bdfb6295cd80788c545
  • SSDEEP: 6144:lloZM+rIkd8g+EtXHkv/iD4deC+pNbYMTgqL9Y0hBpb8e1meIi:noZtL+EP8deC+pNbYMTgqL9Y0h/R

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1237112288494747648/RwLhzmD0ehxDiBdZsbgoSXVKoOkldpfaRP7ikjkQV9Ya8EVVXay-1UF3yarrrtlSnrpv

Signatures

  • Detect Umbral payload 1 IoCs
  • Umbral family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Umbral.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744