General
-
Target
382f9d13e5a5945980c767ec1d98732d971a4e07bdb9ed1950d6c455edbb203a.exe
-
Size
296KB
-
MD5
c4cf132278a366635533a2734901aa95
-
SHA1
06ea6b94f8accb59c3115c67208a1116a12a7f1e
-
SHA256
382f9d13e5a5945980c767ec1d98732d971a4e07bdb9ed1950d6c455edbb203a
-
SHA512
d6f4343892a266db8b62892d0c8eef5e63492f49e237d704cf2c5237fe5249f948dbbc8471ae2db00a862af9d7658c6286a72a0f3134786dae82d5fad72eb120
-
SSDEEP
6144:dloZM+rIkd8g+EtXHkv/iD4PaIWVjgULYyD1Ac5eIb8e1mWiQ:/oZVL+EP8PaIWVjgULYyD1Ac5n0
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1222057832011137064/xHw2NG_dFhYqQKhgRobsja61tNIbEsN8GrE7S4K1SPmpvEek-9MvgREk8PUDX3-FoVeS
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
382f9d13e5a5945980c767ec1d98732d971a4e07bdb9ed1950d6c455edbb203a.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections