Resubmissions

26-06-2023 18:18

230626-wxlsgsbc83 10

26-06-2023 18:16

230626-wwf6lsbc77 10

General

  • Target

    ASyncInstaller.zip

  • Size

    92KB

  • MD5

    92cbb4a37908962409c06c3b49d1b10f

  • SHA1

    77a6ee8b92e295e532cc336839d3bf4b4a4a5930

  • SHA256

    df837d571a8f552df3a44469366f7d6c37d433da7e6c7ca9becd765fc8ba0d96

  • SHA512

    793abf7191ae17f45ab58598be41e6701c07e9d79e26264d43739c40bb405513623778943d8d2b09aaeb08ebdd26de6dc365e35a54aa59392f39c177a85ce37d

  • SSDEEP

    1536:g67eqQRbCDgubHUZb/H+YAyxBpooybvHqx5fpM7NQljth9m52JocwR5ypVOocPHX:laCDgubHUlf+YAgpoBHqjfpMqls5swSw

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://canary.discord.com/api/webhooks/1122952465063612421/Bz3tYEXYmVU2e4c5-1j8AyVX1r6p9ZEvLpzX95HtQ7Rg9Ty4r__5k6VGkLtHJHfTL9F-

Signatures

  • Detect Umbral payload 1 IoCs
  • Umbral family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ASyncInstaller.zip
    .zip

    Password: async

  • ASyncInstaller.exe
    .exe windows x86

    Password: async

    f34d5f2d4577ed6d9ceec516c1f5a744

