General
-
Target
Umbral.exe
-
Size
231KB
-
MD5
2f8f9edad83fe12a0e27f2f774f59d97
-
SHA1
0501724be9ae75f5b22e7ab90d7beb71dcc9f8af
-
SHA256
e9d12a502f21205c38e5d593c9bfa6f22045e7270fec4d27e027c29b9a6dcb6c
-
SHA512
94f491514d8a0333b0a62d368d62a702ec1018ca2efb3c61e952adf5244e489057d675250df0bc666665cd9cdec128a163a11745884479439e84be6402bdac08
-
SSDEEP
6144:xloZM+rIkd8g+EtXHkv/iD4FRMuyMS1Nmhzus9x4Wnb8e1mzAi:DoZtL+EP8FRMuyMS1Nmhzus9x4QIZ
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1274408641465684134/nn33h2OBDOMhn0IA9dgLWsKAGOyjYByP4r3MN2lzNmVAvTUfsCpRybi3Jx6Wz5bEyNNb
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Umbral.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections