General

  • Target

    TEST.rar

  • Size

    80KB

  • MD5

    b73a235392b360b22f6b244b0b0af97a

  • SHA1

    524829a16a97ba862337b8ad7ec86707e231cfe9

  • SHA256

    c2caa0fa4a868c131c9139635dd57f67ec1bba9283ab4b0a121fdff5a4a21082

  • SHA512

    50122d08a5965c537ab7bf9bc8c5372ae48858459e47a652e04d98a3dc8c02f5664f759600e07b658de543696c0c06dbf0311d583168ae43427f67c057801c64

  • SSDEEP

    1536:5PJo3xi6Dpg60TuRW3mF50HuCvsfqSYh35wHGIDO8sGAYNQ7OPqyMHC96:5C3s6DpF0Kg3mFWdcqhwHGUO0qIn96

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1248680916088524882/scOLRb8Ed3pZrVLq-wxEU3RMvJbAjEVyHOhqKEPHD6NL1h3WeGeXo53UPUp5psuRr4DL

Signatures

  • Detect Umbral payload 1 IoCs
  • Umbral family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • TEST.rar
    .rar

    Password: 1212

  • TEST.exe
    .exe windows:4 windows x86 arch:x86

    Password: 1212

    f34d5f2d4577ed6d9ceec516c1f5a744

