Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

citronforyou.exe

windows7-x64

10

citronforyou.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    citronforyou.exe

  • Size

    229KB

  • MD5

    67735e43b595bc948f427fbc1d4d9400

  • SHA1

    df92217c3101826bf0ae4c8ba53e40026e64dcc3

  • SHA256

    bb6f9600b07d01beeab0a868840ceea944a90d87fb5016ba71794ef68d0a19d6

  • SHA512

    492b3d5372137ca3c3ad287fb84ab40ac6609eff5cf329a039f29b25c39d8c348bf547f01d6e90616e9c11593bf8f294cc73858917ca0ef2a7d03c91d6b89d14

  • SSDEEP

    6144:lloZMLrIkd8g+EtXHkv/iD4vc/yrRiK13wBzOurcVfb8e1mki:noZ0L+EP8vc/yrRiK13wBzOurCG

Score
10/10
umbral

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1271198583076687882/-wpBphJT1bmZ3IzghCvTMvjQiZKds8S1POF_Sy_vnbIZOhTtql-E3y-UYbQtGHJMAQOe

Signatures

  • Detect Umbral payload 1 IoCs
  • Umbral family
    umbral
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • citronforyou.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.