General
-
Target
dead-builder.exe
-
Size
254KB
-
MD5
a57179fa58b196077b35da7eb4032a18
-
SHA1
92a6d5ac92fe534fa1c5cdb45bc95135ef3effad
-
SHA256
4fec5552f2a39ddd4bdcfd316ac96ecf9f6a413fb3a674d058d1695b88c8db5f
-
SHA512
d66f89a6f1b76e64de7f163a9cf4c31b1fcd2b1129800c1659f50d2a23e67e93820f64624ebacd25eeee193fee6e96a849f42687f5b4be9bdf8cab53f7ef31d7
-
SSDEEP
6144:K4oZoAeVHPtHgTIAaZgCwDx7axHU0unC28ejI8x7:xoZyHPvWCwjXCsIM
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1267112581206904925/Gkx9-NA-5FKJL-3Ehaqtj5lpmNzG-yFwxfY66lVxsyoKGIcae-bbaUO7d-hvSLDQU1-n
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
dead-builder.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections