General
-
Target
xworm.exe
-
Size
229KB
-
MD5
c176d2ad8aae3ae3421647059931c8d9
-
SHA1
46cc2ff92c42f531cf2d41460031da365fd69a24
-
SHA256
8a9330937d476297cf95bed9cb50f4cb82ee90c8fd538e89090727538e2a50dc
-
SHA512
0739349b1a93f48d3600eb4d59ef4465e291270eaa7fb3c929c69ffd9d0f282c3305f1beec86e40f4a55ec13feb944fdf9ad4e0bdb2a2ad6a790dc6116386825
-
SSDEEP
6144:9loZM9rIkd8g+EtXHkv/iD4yeRV2U7X8ktoGnnGbBeb8e1mWbVi:foZOL+EP8yeRV2U7X8ktoGnnGbUE
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1292588793349673046/QU5Tkt7I-mATnc_tzCGZ0VZ_k12Wy6MTyTCFvsp153ceb8hbq9trvdiFTqnX3WItql1t
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
xworm.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections