General

  • Target: Umbral.exe
  • Size: 227KB
  • MD5: 352d7bc3f16944c271e510f0bfad2b71
  • SHA1: fb31618e42f6beecf323f045f8453e7ecb67f0ea
  • SHA256: 18b39864c478ca8d947a0b08e48965402477064b4c6975831f18b141d2a1d21f
  • SHA512: c69b31c6d74dbd6342e857a2411c96af670022831ce48000385ec05a07f9465e24878eeefbdd6f26f7f9ef34a6b2e8501523151a38f63dc51294e7f280bdaf0f
  • SSDEEP: 6144:+loZM+rIkd8g+EtXHkv/iD4nAaBJX8QfF+nJUg1vbb8e1mUMi:ooZtL+EP8nAaBJX8QfF+nJUg1XFF

Score

  10/10

Malware Config

  Extracted

  • Family: umbral
  • C2: https://discord.com/api/webhooks/1245448172436721717/Bkdu-x06BGUQbFzh0vM16H3yT_3yoXWRwoNsxvlyChXcLKWGdmsFpN85Lbd4wBNm2fuY

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Umbral.exe
    .exe windows:4 windows x86 arch:x86
    MD5: f34d5f2d4577ed6d9ceec516c1f5a744
