General
-
Target
Umbral.exe
-
Size
231KB
-
MD5
967320916645d064c55bbb046526df05
-
SHA1
c1a16294e93796b74ec339f4824ca52ed8168bc1
-
SHA256
95898a7768f940dafb72443fae1572a25a631acb5e7481e0940939f4016db636
-
SHA512
f9284986eb87df0995311c97a7983988d927379b9403ee01a8db65482a1f457f73b5ae3eb916b42fb4e0bb0496ae52454146d69098b9141dd507f8a82dbd3bdd
-
SSDEEP
6144:RloZM3rIkd8g+EtXHkv/iD4VVnRLxCqVhQhTuOLzRMb8e1mvii:joZIL+EP8VVnRLxCqVhQhTuOL283
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1265851579425095720/MAxTNAZbFvW29JNDMjAGoaQVNutWrQ256VQXQU6nOeHclv6n6MjhmoSsgFOT1sgEy3Gt
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Umbral.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections