General

  • Target

    KatanaFN.exe

  • Size

    229KB

  • MD5

    8c6c893c1be31f8bba39f50c79772e34

  • SHA1

    620d857c37fc74da24b5ed43ed6c1113482e086d

  • SHA256

    57953e9e139137ade941f8e70164fc8c06539927bcabdb3e5ee753e8375e6f6b

  • SHA512

    e6e4f12a8723799662ecbbfee529bde6f5e5cd3d49d851c7203c73f49c41c1133bdd3b5d19c82608b0df79b3c6cd3618dc5a41f4678128200c02188c8fd16e67

  • SSDEEP

    6144:FloZM3fsXtioRkts/cnnK6cMlTX7nmkrHMI9YW3X2Xws+lO8e1mUKAi:HoZ1tlRk83Ml77nmkrHMI9YW3X2Xee38

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discordapp.com/api/webhooks/1267691498871324722/hLJth30o7DcA9iZeXrsIXolI1RCj9Sq1z0BcBaYPamdjTS0fUENCCoxQXfZSZLLuoOOZ

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • KatanaFN.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

