General

  • Target

    MVPLoader.exe

  • Size

    296KB

  • MD5

    a003b413af774f804d4636f1c548432d

  • SHA1

    1278d0575f8f693f525b0c9382b9eb6c5a01f1f7

  • SHA256

    701bcfb85c1c91cba00d1ab6642071739621b886e79255d874dd0def2adbe6b6

  • SHA512

    9abbc1dae91f85e8565905cb78e7266e7dfa1a6c98e3c80dd2ad9e6d6fd955bd28b7b908c802c74a8e6960b98e85c4d040aa7e01adc0babb841634c339db79d6

  • SSDEEP

    6144:9loZMCrIkd8g+EtXHkv/iD4uDwGPlO2Z0c1niinghb8e1mbietLjth6t0stcOtKc:foZZL+EP8uDwGPlO2Z0c1niingtK

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1320670806732443668/0UUFqtoA2NYbVd7AdArv9rqvm_ZtjizgTVjt1FN3pY9Y8uP9gOvvZAT-Am6P5vPKkoge

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
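As an added example that is not part of this report or of the sandbox's own tooling, the script below re-checks three things the report asserts against a local copy of the sample: the file hashes (values copied from the report; ssdeep is left out because it is not in the standard library), the "Unsigned PE" finding, done by reading the PE security data directory (a presence check only, not certificate-chain validation), and the Discord webhook C2 pattern from the extracted config, scanned in both ASCII and UTF-16LE strings. `build_minimal_pe` and the webhook strings it is exercised with are constructed fixtures, not data from the sample; the UTF-16LE scan is an assumption about how the loader stores its strings, which the report does not state.

```python
"""Re-check the report's static findings against a local copy of the sample.

Added example; not the sandbox's own tooling. Fixtures below are constructed.
"""
import hashlib
import re
import struct
import sys

# Hash values copied from the report above (ssdeep omitted: not in the stdlib).
REPORTED_HASHES = {
    "md5": "a003b413af774f804d4636f1c548432d",
    "sha1": "1278d0575f8f693f525b0c9382b9eb6c5a01f1f7",
    "sha256": "701bcfb85c1c91cba00d1ab6642071739621b886e79255d874dd0def2adbe6b6",
    "sha512": "9abbc1dae91f85e8565905cb78e7266e7dfa1a6c98e3c80dd2ad9e6d6fd955bd"
              "28b7b908c802c74a8e6960b98e85c4d040aa7e01adc0babb841634c339db79d6",
}

# Shape of the Discord webhook URL used as C2 in the extracted Umbral config.
WEBHOOK_RE = re.compile(
    r"https://(?:canary\.|ptb\.)?discord(?:app)?\.com/api/webhooks/[0-9]+/[A-Za-z0-9_\-]+"
)
# Runs of printable UTF-16LE characters (wide strings). Assumption: the loader
# may keep its config as wide strings; the report does not say how it is stored.
WIDE_RUN_RE = re.compile(rb"(?:[\x20-\x7e]\x00){8,}")


def file_hashes(data: bytes) -> dict:
    """Digest the bytes with every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED_HASHES}


def hash_mismatches(data: bytes) -> dict:
    """Return {algorithm: computed} for every digest that differs from the report."""
    return {k: v for k, v in file_hashes(data).items() if v != REPORTED_HASHES[k]}


def has_authenticode_directory(data: bytes):
    """True if IMAGE_DIRECTORY_ENTRY_SECURITY (index 4) points at a certificate
    table, False if it is empty (unsigned PE), None if the header is unparsable.
    Presence only: this does not validate the signature or its chain."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    opt = e_lfanew + 4 + 20                      # skip signature and COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                           # PE32
        n_dirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:                         # PE32+
        n_dirs_off, dirs_off = opt + 108, opt + 112
    else:
        return None
    if struct.unpack_from("<I", data, n_dirs_off)[0] <= 4:
        return False                             # no security entry at all
    rva, size = struct.unpack_from("<II", data, dirs_off + 4 * 8)
    return rva != 0 and size != 0


def find_webhooks(data: bytes) -> list:
    """Collect Discord webhook URLs from ASCII and UTF-16LE strings, in file order."""
    text = data.decode("latin-1")                # 1:1 byte-to-char, keeps offsets
    hits = [m.group(0) for m in WEBHOOK_RE.finditer(text)]
    for run in WIDE_RUN_RE.finditer(data):
        hits += WEBHOOK_RE.findall(run.group(0).decode("utf-16-le"))
    return list(dict.fromkeys(hits))             # de-duplicate, keep order


def build_minimal_pe(payload: bytes = b"", security_dir=(0, 0)) -> bytes:
    """Constructed fixture: a PE32 header with zero sections, just enough for
    the checks above to parse. Not loadable and not malicious."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)      # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)  # i386, opt hdr 224
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 92, 16)          # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 4 * 8, *security_dir)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + payload


def triage(data: bytes) -> dict:
    """One summary dict mirroring the report's General / Signatures / C2 fields."""
    return {
        "size": len(data),
        "hash_mismatches": hash_mismatches(data),
        "authenticode_present": has_authenticode_directory(data),
        "webhooks": find_webhooks(data),
    }


if __name__ == "__main__":
    with open(sys.argv[1], "rb") as fh:
        print(triage(fh.read()))
```

Run it as `python check_sample.py MVPLoader.exe` on an isolated analysis host. For the sample the report describes, `hash_mismatches` should be empty and `authenticode_present` should be `False`. An empty `webhooks` list does not contradict the report: the sandbox may have extracted the config after unpacking or at runtime, and the report does not say whether the URL sits in the file in plaintext.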

Files

  • MVPLoader.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
