General
-
Target
Umbral.exe.zip
-
Size
97KB
-
MD5
db8e5bd880a5d7e6e70e0e2fab4d5f54
-
SHA1
9ade829655a11b6a9ad5e195082740b14beef3e5
-
SHA256
f99bfa12c4d77132272330c8d2b2bcc2c928a24fa82d867c5c2025e1c2dea214
-
SHA512
a53a1392d8e0352ed17617c303c28eb42c207646e081b69fd7f2c4389f8eab95c608b3775731d95635f4aa270d3a641a41e8ccc7c5247d50bf6e4017cbc4a1a1
-
SSDEEP
3072:ld4Q2UYzc3GkWBkNyfMfnPVxixEe97J10IOMXpaW:lCQ2BzjDkMfMXXixEeR+cpaW
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1250780098433388594/-tW28G3oEjwMYE0wFWQK2ljLBzIQ65-6TZYsA2YWJ0-2c3Z0lHciqIN38kTaLF174s1B
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Umbral.exe.zip
Password: infected
-
Umbral.exe.bin
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections