General
-
Target
SolaraBootstrapper.exe
-
Size
227KB
-
MD5
666f6194638d6e82977e48cbb6c69558
-
SHA1
df3cdcf3a47544982d88b3a8ee6c499ebab2b4f2
-
SHA256
f25954c0bee0de252c3148d22de7b37780124b0065cebf09cfca2fce9fbef080
-
SHA512
dd9f868fcdae3205ca1714390a1dbe8c598e1c16e785cb2491bbb45e444a9f2fe3a04d0b4004c1c1575090c610241857439e2c29f8e82ec3b060700bb3e4e177
-
SSDEEP
6144:+loZMLrIkd8g+EtXHkv/iD4wDvr7ByalogRj++70vb8e1muzri:ooZ0L+EP8wDvr7ByalogRj++7mZm
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1257737196249546872/R24Zy6YccyLoO_MD7z8FFaFj7KRRoLCIbwCl-iHMD-88Z3JC2qelppMGula7wZB3C-Bj
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
SolaraBootstrapper.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections