Synthesia[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Synthesia.exe
Size

29.4MB
MD5

5e521a17a6283bf8ef7c4fe3b87fdb25
SHA1

534653e232d238042999d81b9b9802fa8e8b5a2e
SHA256

bc39f94d6f9818e4426e88ca60fb769d30c9a55af3eb0d26b35652811eaa2626
SHA512

e22b3ffb68c9836f7dcb057d4758e690af67efe8a2d79fe08de864a6f1d283a2e0f819e118bfea798a556cf037b601cb1ae20d8a2a1ebdcb4df6aa1c21ffca9b
SSDEEP

393216:hTUwPQqj//Gar/1roYSsznlVplHYTmUunMglcX4ys0jdOyxt8JlKTv+bLt1DnUOk:hLXuartroYR94glEjd7xtBTmbLXuq

Score

1^/10

Malware Config

Signatures

Files

Synthesia.exe
.exe windows x86

2215175a39e38cff394dd73d5ba843eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToTzSpecificLocalTime
GetCommandLineW
GlobalUnlock
GlobalAlloc
FileTimeToSystemTime
GlobalLock
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetFileType
GetStdHandle
ExitThread
ExitProcess
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
GetVersionExW
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
UnhandledExceptionFilter
InitializeSListHead
SetEvent
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetModuleHandleExW
QueueUserWorkItem
IsProcessorFeaturePresent
DecodePointer
EncodePointer
RemoveDirectoryW
GetFileInformationByHandle
FindFirstFileExW
FindClose
GetCurrentDirectoryW
GetStringTypeW
QueryPerformanceFrequency
GetExitCodeThread
GetCurrentThread
SwitchToThread
DuplicateHandle
GetOverlappedResult
CancelIo
ResetEvent
CreateEventW
GetTickCount
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
FreeLibrary
FindFirstFileW
SetFileAttributesW
FindNextFileW
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GetLastError
CreateFileW
GetFileTime
CloseHandle
CreateToolhelp32Snapshot
GetCurrentProcessId
Process32FirstW
Process32NextW
CreateMutexW
GetVersion
GetSystemDirectoryW
GetModuleFileNameW
GetTempPathW
GetTempFileNameW
GetUserDefaultUILanguage
GetLogicalDrives
GetCurrentThreadId
GetCurrentProcess
FlushFileBuffers
SetUnhandledExceptionFilter
VirtualFree
VirtualAlloc
GetSystemInfo
QueryPerformanceCounter
VirtualQueryEx
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
GetFileSize
ReadFile
RaiseException
LocalFree
GetTickCount64
GetProcAddress
GetModuleHandleW
Sleep
GetModuleHandleA
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
WaitForSingleObject
GetFileAttributesW
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
LockFileEx
DeleteCriticalSection
GetProcessHeap
SystemTimeToFileTime

user32

ShowWindow
SetWindowTextW
EndDialog
SetCursor
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
UnregisterClassW
DestroyWindow
ReleaseDC
GetClientRect
SetClassLongW
GetSystemMetrics
CreateWindowExW
LoadIconW
LoadCursorW
ScreenToClient
IsZoomed
IsIconic
InvalidateRect
AdjustWindowRect
ToUnicode
GetKeyboardState
SetWindowLongW
OpenClipboard
CloseClipboard
UpdateWindow
GetDlgItem
PostQuitMessage
DefWindowProcW
SetWindowPos
GetWindowRect
SendInput
SystemParametersInfoW
GetDC
MonitorFromRect
EnumWindows
GetWindowThreadProcessId
SendMessageW
MessageBoxW
GetWindowLongW
GetKeyState
IsClipboardFormatAvailable
GetClipboardData
DialogBoxParamW
SetForegroundWindow
EmptyClipboard
SetClipboardData
EnableWindow
GetWindowTextW
RegisterClassW
GetMonitorInfoW
MapVirtualKeyW

shell32

SHGetFolderPathW
SHCreateDirectoryExW
ShellExecuteW
CommandLineToArgvW
SHFileOperationW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

ws2_32

ntohl
ntohs

dbghelp

MiniDumpWriteDump

wininet

InternetGetConnectedState

winmm

midiOutReset
midiOutClose
midiInReset
midiInStop
midiOutOpen
midiOutGetDevCapsW
midiInClose
midiOutLongMsg
midiInGetDevCapsW
midiOutUnprepareHeader
midiOutShortMsg
midiOutGetNumDevs
midiInStart
midiInPrepareHeader
midiOutPrepareHeader
midiInUnprepareHeader
midiInAddBuffer
midiInGetNumDevs
midiInOpen

winhttp

WinHttpOpenRequest
WinHttpConnect
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpOpen
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryHeaders

opengl32

wglMakeCurrent
wglCreateContext
wglGetProcAddress
wglDeleteContext

gdiplus

GdipCreateMatrix
GdipDeleteMatrix
GdipScaleMatrix
GdipDeleteBrush
GdipCloneBrush
GdipCreateSolidFill
GdipDisposeImage
GdipCreatePen1
GdipDeletePen
GdipSetPenWidth
GdipSetPenLineCap197819
GdipSetPenLineJoin
GdipCloneStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathString
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetDC
GdipReleaseDC
GdipSetTextRenderingHint
GdipSetSmoothingMode
GdipSetWorldTransform
GdipDrawPath
GdipGraphicsClear
GdipFillPath
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCloneBitmapAreaI
GdiplusShutdown
GdiplusStartup
GdipAlloc
GdipStringFormatGetGenericTypographic
GdipDrawString
GdipMeasureString
GdipDeleteFontFamily
GdipCreateFontFromLogfontW
GdipDeleteFont
GdipGetFamily
GdipCloneImage
GdipCreateBitmapFromScan0

gdi32

SetPixelFormat
ChoosePixelFormat
GetStockObject
GetDeviceCaps
SwapBuffers

advapi32

RegSetValueExW
RegCreateKeyExW
RegGetValueW

ole32

CoInitializeEx
CoUninitialize

bcrypt

BCryptGenRandom
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 619KB - Virtual size: 618KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25.3MB - Virtual size: 25.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2215175a39e38cff394dd73d5ba843eb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

version

setupapi

ws2_32

dbghelp

wininet

winmm

winhttp

opengl32

gdiplus

gdi32

advapi32

ole32

bcrypt

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 619KB - Virtual size: 618KB

.data Size: 110KB - Virtual size: 287KB

.vmp0 Size: 11KB - Virtual size: 10KB

.reloc Size: 160KB - Virtual size: 160KB

.rsrc Size: 25.3MB - Virtual size: 25.3MB

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 619KB - Virtual size: 618KB

.data
Size: 110KB - Virtual size: 287KB

.vmp0
Size: 11KB - Virtual size: 10KB

.reloc
Size: 160KB - Virtual size: 160KB

.rsrc
Size: 25.3MB - Virtual size: 25.3MB