General

  • Target

    Umbral.exe

  • Size

    229KB

  • MD5

    aaf99a08d4968f6c8b4dffea65e508b5

  • SHA1

    99d6d8d218dc7a07cb8dbf009ed474782babd4d9

  • SHA256

    30ac9d27fe86c00f827876cb245deedf7f8f4cbb16f4359fda4beb0cf8183d73

  • SHA512

    9bf219952fca4d62f85bf565804e03901ec9d2b77d59e8600f2276a867bd8e6b516f4ee68527b481f11ff4df6ed4da77a438de1c1f386f8eae54e7797a63e696

  • SSDEEP

    6144:9loZM9rIkd8g+EtXHkv/iD4DcSP4+ZRSe3q459cgYb8e1mDi:foZOL+EP8DcSP4+ZRSe3q459clF

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1249007822545621105/lIYWehahvoMIbDERS3j5Uq_Y96bmWma5CxEszXK2nvldB8Ztc-7U-KY4N_IUtSC3fMqB

Signatures

  • Detect Umbral payload 1 IoCs
  • Umbral family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Umbral.exe
    .exe windows:4 windows x86 arch:x86

    Password: 123

    f34d5f2d4577ed6d9ceec516c1f5a744
