General
-
Target
osintbeta.exe
-
Size
631KB
-
MD5
563db1fc707e29d140d343e75ee9d389
-
SHA1
ece61378cffc5f950dec95249eeebe9d01f17496
-
SHA256
bf59201502504351baacaa124496df5d010b90c828c10a3413c9d40409f30ec9
-
SHA512
e17836e475dd607ea8502012845b7ee13ef12b01ae11745706735a23ef0b9133c8e645d905e2005b2842fea18bd8c39c0b002cda66dfd89be8a658c8aa7dab45
-
SSDEEP
12288:hoZtL+EP8smVkvFuW5a8VHCCHGmNiMdRC:fI8nVkvFuW5a8VHCCHGIiMdA
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1312360330701045821/Xa2tsxokqziFd_WOVNguuOe12yjZtbjooKiwQx5VnlfwNsU9VmoUDiiMr1hV8WOJ1O7G
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
osintbeta.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections