General
-
Target
osintool.exe
-
Size
632KB
-
MD5
20181934a508ec23e7c2223be3c58e3b
-
SHA1
a29f3f89d10ff05f4589466bc11a2fd45016e0e5
-
SHA256
28fda1422979b63fd9b489a76cf5e43e68aa095eae547e96f050550b37208cab
-
SHA512
8f0a1dfa0e627d7779754cd045dc9dcaedbcb332870962706a9bbcc69d9383c8166c940844047ba4a85e3209f5bf0d284f7e84e67345347f8f2c21d93ef043f7
-
SSDEEP
12288:hoZtL+EP8shN9rI8jS67NokRq8zNiMdRC:fI8iN9rI8jS67NokRlBiMdA
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1312264598925344790/QIlCbExze1iw_e1zkeZ792QOLaj8nGWIjrO_7fuXi-iXKjKnWrqwQcXcL_p5RK0UxvMv
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
osintool.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections