General

  • Target

    Loader.exe

  • Size

    495KB

  • MD5

    6c200e0e8ddc021a16094bd07c17b1b6

  • SHA1

    faa1dba99441d84898171d9ec2962955235183e9

  • SHA256

    837e540ab292132a621130757c1d5f1738f83e44568847e9278472eac3dc3046

  • SHA512

    bd5e8d976dbdad7d8f5511d777a0998f3d831054b7d3dad2d0a9969ddd622a519b63c1b06b677fef16c90f9ed9de226b25be6ca5f11752a053d6669ce726a15f

  • SSDEEP

    12288:doZ1tlRk83MlgvNh0ad1+F7mEl5Qw5nTiii/Izoqs2PiixJ:G5r39Nh0ad1+F7mEl5QwFzoqs2

Score
10/10

Malware Config (extracted)

  • Family

    umbral

  • C2

    https://discordapp.com/api/webhooks/1250210609493180540/EIPBZ3YdZ5w5YcRIO6f1LfLpmEqxvPYjSIyR1VF8Vq8yhqkWJkzZ4iXosQ9u7wa-RKex

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature.

Files

  • Loader.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
