umbral | Complex Tournament Softaim Cracked[.]zip

Resubmissions

29-06-2024 16:53

240629-vd8x8s1fqg 10

Sharing

Copy URL

Twitter E-mail

General

Target

Complex Tournament Softaim Cracked.zip
Size

183KB
MD5

02d29e806f02e22f2d274d90eea8ac1e
SHA1

4e148ee958507d4c95c6c2bfc6e1b06a9247abd8
SHA256

b9d84636a9359f58b03287d8e8db195c45d6557b02f657073144707db483f001
SHA512

fe7fd15a84a5dbcce5c7bb50af4e027da20d5894ffcc7aecebdea5e103197bb65b1651cca155f2157e499b6d2cde567af40ad41a9f7d4eccb53ada066b32f0d4
SSDEEP

3072:zOQzoglORysSkUoqxqwbdORjBTMRp7mLo2GJCUSwvzFV7W5ION99T3BN9xQC+glx:1qysfXqxRORpqmLoFJpXbFhWR99TBNj3

Score

10^/10

umbral

Malware Config

Extracted

Family

umbral

https://discord.com/api/webhooks/1159859843717402645/rPr6nWXT3yXsIfoH38ZYpVO7dm40ImyIWNe39st7RgX7PaKdVbLCSDliBS9sRNMEmXMk

Signatures

Detect Umbral payload 2 IoCs

resource	yara_rule
static1/unpack001/Complex Softaim Cracked.exe	family_umbral
static1/unpack001/DLL Injector.exe	family_umbral

Umbral family
umbral

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Complex Softaim Cracked.exe
unpack001/DLL Injector.exe

Files

Complex Tournament Softaim Cracked.zip
.zip

Password: 2024
CheatLoader.DLL
.js
Complex Softaim Cracked.exe
.exe windows:4 windows x86 arch:x86

Password: 2024

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DLL Injector.exe
.exe windows:4 windows x86 arch:x86

Password: 2024

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
INSTRUCTIONS.txt

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

Password: 2024

Password: 2024

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 224KB - Virtual size: 224KB

.rsrc Size: 68KB - Virtual size: 67KB

.reloc Size: 512B - Virtual size: 12B

Password: 2024

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 224KB - Virtual size: 224KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 224KB - Virtual size: 224KB

.rsrc
Size: 68KB - Virtual size: 67KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 224KB - Virtual size: 224KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 12B