General
-
Target
Umbral.exe
-
Size
229KB
-
MD5
0cc2a414bb58a3f9e345ea56350ff9a4
-
SHA1
09ec47af8c94ac3a94ad0e29df8a1405a6bc9e01
-
SHA256
2ce5ab90e160d795bee80f40ab817b2beb35fb43845e61658942eda4ca0b376c
-
SHA512
007ea98156043b18be5a612741ca9d2a0494dd5a5f7cea06a27185ac0de3950dd295d7e5066ea4313e3c517159b96450397e9645798fb2a2abd92ab8c21adccb
-
SSDEEP
6144:tloZM0rIkd8g+EtXHkv/iD4eKbNoOJBiVHaIJtM9Xb8e1mgri:voZDL+EP8eKbNoOJBiVHaIJtMZ3m
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1315042987738271906/DA_h572ndjn1BlePnD8XOQjC3fkvpimY8QR3cl8FiFBAV59Fb8w7SI3yb2MlOJn8omh8
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Umbral.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections