General

  • Target

    citizen.exe

  • Size

    229KB

  • MD5

    fdb0b8617cf84e37b6eb3d7d33fb2bc4

  • SHA1

    57d7ec3221470c30aaebd8c76a55daef900bfd07

  • SHA256

    ee7e7ac852c19524db20655a03bffdbcc34a26771fd3bbee1aa7b9c25e0e16b1

  • SHA512

    1f6d657bf33b08fae291b857e21055a3c3e2398d4b6d42ff764c9f95949441af79bf18a2602af0a7568eeccd0e5d47311c1838200e5ae2111b36176326e457fe

  • SSDEEP

    6144:lloZM+rIkd8g+EtXHkv/iD4n9w7U69VeAbGkFZwQZb8e1mRhMi:noZtL+EP8n9w7U69VeAbGkFZwgO

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1320449525479116871/2nl-lNOK3OOL4EJWAlWs6L8xzpybWJnH8mXfik2A0wv5WNXkWlF6IMTk5TGCt541XUdR

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • citizen.exe
    Tags: .exe windows:4 windows x86 arch:x86

    Password: 1

    f34d5f2d4577ed6d9ceec516c1f5a744
