General

  • Target

    TOKEN_BOT.rar

  • Size

    82KB

  • MD5

    d66e3c99b231e3b1959b70e3dff357ff

  • SHA1

    433ca2a167b73ac819e25e732ba7b6a940cbc43b

  • SHA256

    6afc8f233e1d02de92ab0dad9bb3724ab5b868c5ca59cfd52df6bc384ae1cf36

  • SHA512

    7240783b5ed71d5b5cef0deebef4da78e5894d7d446fb3b095042c75a4ec8362f2a01f402e186d65af29bb04c2dde089e8f0d73e6235da0a1b3828f64a5beeed

  • SSDEEP

    1536:eJmMWtcXkWyDYhBptyJX1WiRlcbCn5D7+D8wPa49oPeOrp8S3HSMFdOf7N:emMWjWnBzy3WiR95X+D8wi49BK8eHTMJ

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1248666183935459388/H6xZG6F-jgkil3oNGNbSG0sboMZrkd4X59oyn0uqV3zJKxfSnkoPhlPZOuDT23hTub4I

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • TOKEN_BOT.rar
    .rar

    Password: 123

  • TOKEN BOT.exe
    .exe windows:4 windows x86 arch:x86

    Password: 123

    MD5: f34d5f2d4577ed6d9ceec516c1f5a744
