General

  • Target

    C37boot.zip

  • Size

    138KB

  • MD5

    823806e44f19c682c6de359fa332c452

  • SHA1

    78ca243e9b4690c2c82bc75456087a1f82d803b7

  • SHA256

    73207e68fd2611a51968b6903020cedf7d6c07eeb7e8570de6ac533d93d31e25

  • SHA512

    319d0bb0b65e45f68c9d2de005178211878286eb978f644af9955e50193ce5d7e09f5686da0bbd125a3f9f8e4f074901d7ee6fbdbf904bdb810c752280f81cca

  • SSDEEP

    3072:ls5OiL2k7hkVitM5ca5v6Si5in/bSlJpsxZ/TGyDlz:ls5J2Rtmm6tiOsrTb5

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1247939114515431576/-I9y34Eg1J2F4FolssK-68gxrpNUiziMBe1Dq5-AXRXx_G_XjzHxBj25MXS-XoZvwnV0

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • C37boot.zip
    Type: .zip
  • C37boot/C37Bootstrapper.exe
    Type: .exe
    Tags: windows:4 windows x86 arch:x86
    MD5: f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections