General

  • Target

    CVW3NAX.exe

  • Size

    428KB

  • MD5

    11710cd62e4fb19bb1932e06d0d64d07

  • SHA1

    807d0d38932792b545ff9fb6fe0d84ddd7094cd8

  • SHA256

    b1256cc222fc9da457e57ce11a874e59d5c731c2aa3f55cc02cf47a9786fc775

  • SHA512

    5a9745ac347c742ea065b9754646dbc718ad6b8e940727c6d7d6632202c1b56649c646ad549cb1406b7c57901aa9ed574ac97e8a47abf63befa3bbebc35f17e5

  • SSDEEP

    12288:noZetlRk83MlSFLPMS1Nmezus9x4FM+H5X:r5r3VLPMS1Nmezus9x4FX

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discordapp.com/api/webhooks/1267743008145805392/CpeE6F-bEiWLWvxN1x1TGAQL6bAqMX84z08JMq1a0nBErsC09ZMolNFYR_ARHEjOXqdN

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • CVW3NAX.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

