General
-
Target
8fd22c5acb3144dbaa5ab3f9dd5901eb6f3beef67e72ea431246c6a790c067deN.exe
-
Size
231KB
-
MD5
f70b5e56a09af292d4e909c547f9c8c0
-
SHA1
577883bdbe8dc9582e15e7a1212b1fe432bafce3
-
SHA256
8fd22c5acb3144dbaa5ab3f9dd5901eb6f3beef67e72ea431246c6a790c067de
-
SHA512
e54ccb56aa6473abd3530493933d5164f2dff02076e0f03443382f02d177a52e318d8d0f432e6a3fb5620eaffd09f2dbf6ccbf9698ba149b149c594fa162d879
-
SSDEEP
6144:xloZM+rIkd8g+EtXHkv/iD4+Ocip3cw/oeHp0AVO0b8e1mMi:DoZtL+EP8+Ocip3cw/oeHp0AVji
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1326652489054818346/f_cBTMEYAkXYcTbEkW-MUwYrefMORTfuoofsZ5ymJ5yR8BQpohmaCuB-PwAuIP1xAUKw
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
8fd22c5acb3144dbaa5ab3f9dd5901eb6f3beef67e72ea431246c6a790c067deN.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections