General
-
Target
SolaraFixer.exe
-
Size
231KB
-
MD5
8bef46b57ddddec3d0d140f6f8d4b68e
-
SHA1
549b51f7d1106f186de8d3594d55dcac22a6f8fc
-
SHA256
360d3cef3d330c1930e318277939ab1c7db6c969f23be5d385b93f5faef3b4d2
-
SHA512
5e9442c00355f5aea64b787658e7b390e5f53d1709bb4ce951db3e363b91fde46cd70d2262ddd9d06c1e21a72a2728821065d87c213ce86020a620ba468458f7
-
SSDEEP
6144:RloZM+rIkd8g+EtXHkv/iD4HlYrU69VenbGkFZw36b8e1mzCi:joZtL+EP8HlYrU69VenbGkFZwWeX
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1299461719801991309/vrYuMDjs_n5vFmzGOfz4kp_hTyDr2VE1-rjZ8OaF0rcFRYvfnqe3C0qr56jzGH43IeT7
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
SolaraFixer.exe
Password: solarafix
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections