General
-
Target
Umbral.exe
-
Size
230KB
-
MD5
38b42800e087dcee9961a8e80318d6f2
-
SHA1
36893cfd322a6021d8048ca6971fc094de6a9f7c
-
SHA256
44a1693b64e6cb0054ab2d7188af6c9f213ba2a65cf278b6f3857ab462cf30a2
-
SHA512
5c1d1065e8d076abeabe473f184e7561a2bc9b8b1486b3bff7540e736aa700a93a4879f97f70e176044089ca6eb0462725f26cdd3cb78190de62a62252cb6039
-
SSDEEP
6144:uloZM+rIkd8g+EtXHkv/iD4K8Nqbw2xpapPyAxVkK6b8e1myui:4oZtL+EP83Nqbw2xpapPyAxVkdXD
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1332030375077216306/3rxK6nEeUFjjZI2c3QNixJZiCzOVXLwyTS7_l3YYFoHKSYzr318OCLnlysEyz2B3QeeN
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Umbral.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections