General
-
Target
f40fdb9a6d6ce049437de3aabf212a6ce2eaaaf48bd478d691164c5ea32dc22dN.exe
-
Size
231KB
-
MD5
6b1466bbf3d206c9a9851a6b5626dc70
-
SHA1
d9039fe892d5f6da31462eb577f9377f359031d2
-
SHA256
f40fdb9a6d6ce049437de3aabf212a6ce2eaaaf48bd478d691164c5ea32dc22d
-
SHA512
77777aff4d363334409d8b0b47c2006aff5c904641892ecba3038a0be755e3ac70c63d413e251baf185e7d4d47f38fd1ff2f5e75cbffbc44de22c3abbf2f4cef
-
SSDEEP
6144:xloZMffsXtioRkts/cnnK6cMltMMjw2xpaBPyAxVkElb8e1mhzLHi:DoZdtlRk83MltMMjw2xpaBPyAxVkAMW
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discordapp.com/api/webhooks/1326983350606368888/6nNwZ_BPeT1GIaRGLO0xQj2DsvnMBNSzwMGZo-Zz-1rTdrKUSQ9WCgqpApFmFqKixfL1
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
f40fdb9a6d6ce049437de3aabf212a6ce2eaaaf48bd478d691164c5ea32dc22dN.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections