General

  • Target

    SolaraBootstrapper.exe

  • Size

    227KB

  • MD5

    1a713cc368d9a6b8ccd99ff52a2fa3e0

  • SHA1

    5228e724740b06daa74a33c5e0441c5444731ea4

  • SHA256

    680989424c4c59046fc69b1d1bddfc72adaed80a0f12c29b42bc444d2fec3f04

  • SHA512

    82db4d706ff886dfde04d72f8a9bdc00922e2ace82c2113a59a06b54b9270d272b065be061258075564ef8e40b6b827ce4be5080f9d606cd73859097d495ee2d

  • SSDEEP

    6144:+loZM+rIkd8g+EtXHkv/iD4phSDMS1Nmlzus9x4MGb8e1mOi:ooZtL+EP8phSDMS1Nmlzus9x4z0

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1274910211135766631/qFJlIUMxwpuzYQjXRS603PqYXhqj5-4aUZBPGcfptaN4WIFJ6ZgsJUKw7l8GFk_pltYg

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • SolaraBootstrapper.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
