General
-
Target
aaa.exe
-
Size
229KB
-
MD5
0b7b5b3a185a737bc8fde7fba7bb9e32
-
SHA1
1031e26d6884fcc411a69332f897d9f2e1cb9bd8
-
SHA256
54eafd742f090b4beb346283bf9568451918a7123573f24a5df5730fe14d356f
-
SHA512
180678c18eb374fa69526baa48cc317bb55873f2380254c97ad97b6137f4e9dfb2214a26b04c2a3588068e979b8f2d142330b77ea5cba1a743e5450eeff3fa21
-
SSDEEP
6144:9loZM+rIkd8g+EtXHkv/iD4kl0h+8D/0wVA+Pv+AEb8e1mGi:foZtL+EP8kl0h+8D/0wVA+Pv+dM
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1305952873032450102/VPf69xoHs0ieV9XCBGj1h-sk87KiOVBD2TpzbWxBVZhZ9ZRQ3nsD2hSajAXeX9GZC3oR
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
aaa.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections