General

  • Target

    fix.exe

  • Size

    229KB

  • MD5

    1adeea63d576dea9add98e01e9fe78b4

  • SHA1

    8f754fd661d9ce2e9e9a7278b4dd7096b13fc585

  • SHA256

    5a2904a05d5d2f5d3d3ef44bdf54e74341ae9b54ba5f6545b37acf187eec4f84

  • SHA512

    0ba3c5555273a15c5406f0bd1b5f1a3888814bdbb4130f80eae1f973497c4e5d81a92ed0797a55316b358a42a955fe44f476d1e0e90c15211dc30f4dd20c58cb

  • SSDEEP

    6144:lloZMCrIkd8g+EtXHkv/iD4sodaBPUonIWvRsY99ib8e1miLZi:noZZL+EP8sodaBPUonIWvRsY9wfLA

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1248607651387146310/L22eWHFIaqQanWIJXuwKJbdlgO8LfAMUL1ag9JLuvBFDDekhSwD3f38KvJADfkAUnTsK

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
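
The two automated findings above (a Discord webhook used as C2, and a PE with no embedded Authenticode signature) are easy to reproduce offline. The following is an added example written for this page, not code from the sandbox or from the Umbral tooling: it computes the same hash set as the General section (SSDEEP is skipped because it needs a non-stdlib module), parses the PE header far enough to test whether the security data directory points at a WIN_CERTIFICATE blob, and carves Discord webhook URLs stored as ASCII or UTF-16LE strings. The `build_minimal_pe` helper and the placeholder webhook (all-zero ID, all-`A` token) are constructed test inputs, not the fix.exe sample; the webhook regex is an assumption about the standard Discord URL layout, not something taken from the report.

```python
import hashlib
import json
import re
import struct

# Assumed Discord webhook layout: https://discord.com/api/webhooks/<snowflake>/<token>.
# Also accepts the ptb/canary hosts and the legacy discordapp.com domain.
WEBHOOK_RE = re.compile(
    rb"https?://(?:ptb\.|canary\.)?discord(?:app)?\.com/api/webhooks/\d{17,20}/[A-Za-z0-9_-]{20,}"
)


def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256/SHA512 hex digests, the same set the report's General section lists."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def has_authenticode_entry(data: bytes) -> bool:
    """True if the security data directory (index 4) references a certificate blob
    inside the file. A zero entry means no embedded Authenticode signature, which is
    what the 'Unsigned PE' signature fires on. Catalog-signed files also return False."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 4 + 20                     # skip PE\0\0 and the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                          # PE32
        n_dirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:                        # PE32+
        n_dirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    n_dirs = struct.unpack_from("<I", data, n_dirs_off)[0]
    if n_dirs <= 4:
        return False
    va, size = struct.unpack_from("<II", data, dirs_off + 4 * 8)
    # Unlike every other directory, the security entry is a raw file offset, not an RVA.
    return va != 0 and size != 0 and va + size <= len(data)


def extract_webhooks(data: bytes) -> list:
    """Carve Discord webhook URLs from narrow strings and from both UTF-16LE alignments
    (wide strings are de-interleaved by taking every second byte). Unique, first-seen order."""
    found = []
    for blob in (data, data[0::2], data[1::2]):
        for m in WEBHOOK_RE.finditer(blob):
            url = m.group(0).decode("ascii")
            if url not in found:
                found.append(url)
    return found


def triage(data: bytes) -> dict:
    """Combine the three checks into one report-style dictionary."""
    return {"hashes": file_hashes(data),
            "signed": has_authenticode_entry(data),
            "webhooks": extract_webhooks(data)}


def build_minimal_pe(payload: bytes, signed: bool) -> bytes:
    """Constructed test input: DOS header, PE signature, COFF header and a PE32 optional
    header with 16 empty data directories and zero sections, followed by `payload`.
    With signed=True a dummy WIN_CERTIFICATE is appended and referenced from the
    security directory. Parseable by the functions above, not loadable by Windows."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)  # i386, 224-byte opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)       # PE32 magic
    struct.pack_into("<I", opt, 92, 16)         # NumberOfRvaAndSizes
    header_len = e_lfanew + 4 + len(coff) + len(opt)
    cert = b""
    if signed:
        body = b"\x30\x00"                      # placeholder, not a real PKCS#7 SignedData
        cert = struct.pack("<IHH", 8 + len(body), 0x0200, 0x0002) + body
        struct.pack_into("<II", opt, 96 + 4 * 8, header_len + len(payload), len(cert))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + payload + cert


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        blob = open(sys.argv[1], "rb").read()   # e.g. python3 triage_check.py fix.exe
    else:                                       # demo on the constructed sample
        demo_url = b"https://discord.com/api/webhooks/000000000000000000/" + b"A" * 68
        blob = build_minimal_pe(demo_url, signed=False)
    print(json.dumps(triage(blob), indent=2))
```

Run it against the real sample with the path as the only argument; the `signed` field should come back `False` for this fix.exe and the `webhooks` list should contain the C2 URL from the Malware Config section if the string is stored in clear. A `True` here only says a signature blob is embedded, not that it verifies; chain validation needs a proper Authenticode verifier.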

Files

  • fix.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
