General
-
Target
everything.exe
-
Size
231KB
-
MD5
5e487f250a2b0c04f06f37b6d66b29ba
-
SHA1
68d5c6fcf314df40abf53b3462cb76dce9af887e
-
SHA256
3dec6623a9f5488bc8fc4a3185cddd03bdda73247063875943a79dd75c5071b6
-
SHA512
1f428c57ee5d53fbe590f12f3e345715b528c5aaa5e971e30fe760d9bf8660a09c1dbf7f94b73c5131c4261163e2fb6932a71ccf67b1a319f0dd1b06af823e54
-
SSDEEP
6144:hloZM+rIkd8g+EtXHkv/iD4EmQIkqNlOhLWU1pAe4dnb8e1mAYVi:ToZtL+EP8EmQIkqNlOhLWU1pAdpd
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1271859202385510516/pTwQpNwcygYE0wG_rK1k-m1UL93sqpTzx3wjCGeEq8TF4IINEpBCY1VQKYVlKstu2UV9
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
everything.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections