General
-
Target
Umbral.exe
-
Size
231KB
-
MD5
37040bc6e02b555d9062631211678bc9
-
SHA1
cb2f4548ce9bd51ce42301ffa74130d9c6098ad5
-
SHA256
3294164d79836fe3765e57e50dd0ac898164ccc049f097fb2deb2725478aa583
-
SHA512
e5db52931152bef14e1dda82288a1f4265d79c4c4ad08f143994b2b60b2b530dfbcdcb1468bd70e5799a55b2a4f02565249e0d41944032bbd43a296757d9754c
-
SSDEEP
6144:RloZM+rIkd8g+EtXHkv/iD4FxEe9rI8jB67NokR4cb8e1mtqpui:joZtL+EP8FxEe9rI8jB67NokRxuqR
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1270032462076182559/b8wi9cfMdsx4v72a9Wyf8VdQSJy1Kwdvjyc1PALcINFs2LLbaB5jd030GBMtjUk07Yz9
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Umbral.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections