Resubmissions
09/10/2024, 15:26 UTC
241009-sveplssdjh 10
General
-
Target
BanDPI.exe
-
Size
229KB
-
MD5
b480a45c37b268cc917a54cdefea620c
-
SHA1
e68857ab8b0d589056bbc571d9e95ebee78b198a
-
SHA256
07e10c35d0ba5cdb655370b4be54924e4c5a291cc5130ac35fcc1701b342cc39
-
SHA512
f68afd7bf02052bbb0b3589b4963eda82e3412ed3695c9834dc7400a5b6e658b26c3c5bcb18cbb0f4eab360bcb9d4412a2cdd3e7c1f5f84010bf7f978359f3a8
-
SSDEEP
6144:9loZM+rIkd8g+EtXHkv/iD4Ua88vFuW5l8VHCCHfHb8e1m5Qi:foZtL+EP8Ua88vFuW5l8VHCCH7c
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1293591054737735834/Fi2wqbsm-o0tXgq12Xz5O8L7rHz8QgTAMnXqdJbyukAbHbYpz6seZy_-ON7fnUPFag2k
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
BanDPI.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections