General
-
Target
0x000a000000012248-8.dat
-
Size
232KB
-
MD5
4867d27de23cded5f2229c322bf6f3fe
-
SHA1
04cd16ac5d6a2f5b7bc1db8cdefd128d0f6c2fe1
-
SHA256
94357a5e0e0d52490a07fffd0a8940f7ffdf25acb16602d83120fc99722f88eb
-
SHA512
b7ced6d7a420c55813388755d765a015cb65c6393cdeffaff4be6cb7c00845434161a3282ce7d316800da42766d9c309487dc2e96b74340f47b20032632f8909
-
SSDEEP
6144:iloZM7rIkd8g+EtXHkv/iD4j9TBMS1Nm3zus9x4yqb8e1mBi:soZ0L+EP8j9TBMS1Nm3zus9x4FL
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1276901959336595519/rnT2bUPlA6cH1e0gUJyRqEX6pBDNwefr13SwZvDBO14mTuQ8UwQDE9Xp0Hqk7Lk4A6UI
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0x000a000000012248-8.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections