General
-
Target
triggerbot_beta.exe
-
Size
492KB
-
MD5
c6082923c754876542e9e9819763aa00
-
SHA1
1f6958604f623c279751c0ae84e1bbc46548de65
-
SHA256
df99537694b2fe9e5732fad10d520af72f26f4654bee5221fb46f1eaeaaf9bcf
-
SHA512
e65208f424b8da472eb0a30ec38d57a57e85e2f9247c31157e75e3a08710075ef02cfc25a650bb395326c9115d0f93d177472aeefeb76f54545d1b264b49ece5
-
SSDEEP
6144:XloZM+rIkd8g+EtXHkv/iD4NkxjfVeGJqMFXSy3DoZb8e1mNiE:1oZtL+EP8NkxjfVeGJqMFXSy3DQrE
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1274834842005016688/KGbNp8oQeDNjjC8mCXzjmuOMz6j8unA0kzV6gtBQgvAuFeKmQdBXnLBZvNRA1GK-Z4aC
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
triggerbot_beta.exe
Password: 1234
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections