General

  • Target

    57725f9d6fe867414481c9174b761df1.bin

  • Size

    89KB

  • MD5

    8410c6f78da6ff5f4241695833d74991

  • SHA1

    62c975febf1cfe3b032f8e136912ba44d6f5fe2f

  • SHA256

    a578f68e62faffd324cdbcd73e781c8c2c4976a0c6d6048f4b4692527310e608

  • SHA512

    e01da0d0885e5ba9901b595d15201c0101eac90d3a49c84ac5aa40cde040a30bd0a6cfe695e617d1f09960bd6a47a1dab49638fd4ed08efb3bc50e7e8bdfbae7

  • SSDEEP

    1536:60dvJDXSAxE5WUh67GBva2yVJsIT/cFF2KyBBo09M7BXTT2WLN7aQQNbKk9UKuiF:6wJD/Ey75F4YB+VTTbZunb3Udiu+

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1275486097744597052/DtRIVGRXq9EbCOLuFG54p-sV2rFhTNQaPmROPZ12uQi4zP31iRoNPEVEdATCJBi9SiEL

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 57725f9d6fe867414481c9174b761df1.bin
    .zip

    Password: infected

  • f29f169e410ccc847f78e8df47006a45025ba10f0d517629f80ad73995d614fd.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744
