General

  • Target: start.dll.exe
  • Size: 232KB
  • MD5: ec6f1481d7bb030213e34efe0590f54b
  • SHA1: f3e453c2534a88bea7da27043a781e3eb8650e90
  • SHA256: bb8117f1bf2b6af1409762f7959448c15f7cad6a3ad5c8cf484da64fe1dcafc0
  • SHA512: 9284b5f85a730c70c7a88a70751d1e20bce7eb7d55d98f808e8cbab83e3f36df87e344091de5b04c0738cad47569d704cf5537e1e40ad50cc73508b8bff16fc0
  • SSDEEP: 6144:tloZM3fsXtioRkts/cnnK6cMl3kOA4+ZRSZ3qCDjaI1/b8e1mWi:voZ1tlRk83Ml3kOA4+ZRSZ3qCDjaoc

Score: 10/10

Malware Config

Extracted

  • Family: umbral
  • C2: https://discordapp.com/api/webhooks/1228330512779579403/5toLS2_FpTV6Z6cML4nCtldtoZ7YWCs6aBHnNRbgdRXBePNjv7RtNfYJUtf0pkvhRqT-

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • start.dll.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

