General
-
Target
Njrat .204.rar
-
Size
125KB
-
MD5
2f8f859411fbf35a8e0c0c220a88285e
-
SHA1
ebc9bbd7e4819f60e786ced2f1aaa4875cd33478
-
SHA256
6d6c3ea3e134ca6775cf2be8c7246fc63f68bb7a594650d0c4b8f22a74093d4b
-
SHA512
63ee1d295cdb3d9cd3b0e81850a9ae6eb7b3d0b2924038127a24fef82c6ecbcfe3eb820dd7ef923a710f3759d1321a9c5086535b2e6624577c47fee98d1b8992
-
SSDEEP
3072:TuhsGEF1fTmqDufpkBoB6ESC5WjjoLPSfPdg98xiokf:TmKfT3yhkG+jESfPlvkf
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1301608203133648926/or1AA5-Ux8B1-TMLBh30Bf71iffcB8WRSlayVtmgP4S0TVOddJmrwT00Sg1XUYIByEJT
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Njrat .204.rar
-
Njrat .204.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections