General
-
Target
Start.bat
-
Size
229KB
-
MD5
ad7985437149caea11bef60b8a5ef81a
-
SHA1
e098454f7c03a1ed404ee323d686c35839ac4def
-
SHA256
791d000badab89e84dac09066f475c877ad8ea07c5da080cc1ffbff77b3e886b
-
SHA512
22867a2fb56af5720b18ca01e1195eefee4cd0ced017e40a929b2587889392fbe99e68729aaefee736817afcf69ca49c411ed93b7edee736c12f32ee933f70e9
-
SSDEEP
6144:tloZM+rIkd8g+EtXHkv/iD48fQtxox8e1mNwi:voZtL+EP8Ugx6s
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1252958225951756439/l_C-SRxxSfL_3KvfSQAu2ZXgeFRiErI68o9oT7QU3XBWK9_ubD0F7PTBxs60Loj_S7td
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Start.bat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections