General
-
Target
SynapseCrack.zip
-
Size
31.9MB
-
Sample
230301-t3cewsha72
-
MD5
1fe6e5403aeffd8c521d4dec0c4818a8
-
SHA1
948a6794cbb9efa910c7312fccd1d79cb4b8f001
-
SHA256
c52423a7641cb6c932fb45b9827685ab13c2028a783ad930b90560e42db5c1cd
-
SHA512
b28749cf90aa6ee11a471d02f1fafad9a25f33ecbdecc451fb52de44ee9b7dd6e135a2aa522ef9dddf249c0e61e0ff03f27254b0af5a5148123c883b1b954d51
-
SSDEEP
786432:P68cYmHpFF1/op6QBQVpMk3FEuYhdPWhMNlj3u:P9cYmjjQp2G/PWhMvje
Malware Config
Extracted
redline
redline
not-qualities.at.ply.gg:59219
Targets
-
-
Target
SynapseCrack.zip
-
Size
31.9MB
-
MD5
1fe6e5403aeffd8c521d4dec0c4818a8
-
SHA1
948a6794cbb9efa910c7312fccd1d79cb4b8f001
-
SHA256
c52423a7641cb6c932fb45b9827685ab13c2028a783ad930b90560e42db5c1cd
-
SHA512
b28749cf90aa6ee11a471d02f1fafad9a25f33ecbdecc451fb52de44ee9b7dd6e135a2aa522ef9dddf249c0e61e0ff03f27254b0af5a5148123c883b1b954d51
-
SSDEEP
786432:P68cYmHpFF1/op6QBQVpMk3FEuYhdPWhMNlj3u:P9cYmjjQp2G/PWhMvje
Score1/10 -
-
-
Target
SynapseCrack/Synapse Launcher.exe
-
Size
1.2MB
-
MD5
654fc3d81c760ef8b47c78cc907f3331
-
SHA1
9638fc0dc83ae258126ed9423838ce990d671702
-
SHA256
bc6be02d22690715ebfbc89dbb1f611a62632dcfedd9f6da1194eb4477ff2428
-
SHA512
6a0ebd9423027f49306fb7507fd43f3ec097e268d188983d4ff7a4da5201f9d3fd07c0999b8d00201ec3155738fe207421fc4545628ad85468a54d0d14d96145
-
SSDEEP
12288:pVXGAQZ/q8KFbEk1OKvoOGWYpYxqOrXD4frMjo2ccApHvCHAuE:pRGPqLYjKvoZWPPTDS2ZAJvCK
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT
SectopRAT is a remote access trojan first seen in November 2019.
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
-
-
Target
SynapseCrack/bin/CefSharp.BrowserSubprocess.Core.dll
-
Size
912KB
-
MD5
67e9fdff12286ad0ff11aa7e8a7775d9
-
SHA1
245ec015e953bb395cf5d1e4f54804166daeaf68
-
SHA256
b184f42ad13993a963700ad40400d401e398a46f72056f5907b6acdff986c63d
-
SHA512
42c068e0b157fa5bd9ec9be977c1ec44712fc78909efb64961dc1e34d6c7fccc7af6bb685e847f32da9fe9124a215ad3adea08317279851c8ffd2761a3b47870
-
SSDEEP
24576:uVK+vDCBGb9UKpUzXoiYehQspQ8SdWHubiWyzIrQK0OXPOlNce+pi:RcUKpUzXoiYehQspQ8SdWHubiWyzIrQO
Score1/10 -
-
-
Target
SynapseCrack/bin/CefSharp.BrowserSubprocess.exe
-
Size
7KB
-
MD5
1687e4430649fdd4fde98a120f992836
-
SHA1
fd7227e15928bee5335772cd72dba0047f6d06ce
-
SHA256
5b0d7eec5ae0f5af562ec02611dbaadbfba6b308ba0345cb19b30a0a84f937a7
-
SHA512
a6c3b0db67a4f27a37ee2b9302752c2094015bcca9a006561805fbe93f178e163e47501bc3c2c120cb8469a7985d69533020f9d736e6409e31fdc1084e279f4d
-
SSDEEP
96:JHxBI7lEsmQBDs93z5ZzFZOIaetmA/Nt61OYcXei+U:JRBIWsmQB63z3zFZVsAYcXeU
Score3/10 -
-
-
Target
SynapseCrack/bin/CefSharp.Core.dll
-
Size
1.3MB
-
MD5
a44554d38b7a25a7ab2320fe731c5298
-
SHA1
c287a88fd3a064b387888f4bbc37a0630c877253
-
SHA256
35980974bdba6d5dd6a4dc1072e33aab77f72f56c46779cb0216e4801dcc36ab
-
SHA512
bd8956b7e8ca6d1129fbbb950dd913183b3e92601c2c900aed26d695782e4663654ac57074e1f0f2efcf9cced969487162910dc9bb52b42572d61994b07f2aad
-
SSDEEP
24576:yXIdphyvfDVKyFnp89jCbBNr0s7HQAqcwYhPolDexla9e6dhkOi0nK+++evP4ZcC:HsJKyzNr0s7HQAqcwYhPolDexla9e6dp
Score1/10 -
-
-
Target
SynapseCrack/bin/CefSharp.Wpf.dll
-
Size
83KB
-
MD5
1533d9b2ed991ad4fecef548dc762565
-
SHA1
7a0664cc6bdc5ffd23c4aba43fa7b2acdfe949f4
-
SHA256
8e6e874d51f654c1c081cd1658a2e4ad8e3b92e74f9406e8c4eb34d354ab8791
-
SHA512
710677d3c6ebff9da638d22a3ae800eb12ba947aad9acb4e42f9e9268ade1b8dde680b4aa135121851285943aecc0fc9be85c5ca8a269d6857b35e905c7b7c12
-
SSDEEP
1536:VdX1kcRoMy1tkZBjxQVhfcmzedNTppNCSyh1FPmyGx8Nge8Fu/mGmDtcOd:VdFLoMk24ClwNge8FPGMf
Score1/10 -
-
-
Target
SynapseCrack/bin/CefSharp.dll
-
Size
219KB
-
MD5
92defcf3ee31db03999e8ea41742f8f8
-
SHA1
2d5a94c029e1ac0df07a2055f03ca3d77ceb76b6
-
SHA256
d3873ec8cf9a80b3b5691445cd0f6d2a38f5a2432864d7fa372b751bad54e891
-
SHA512
d58f4c6bf526ed5e19bbb9c36db8fa192c63eb770b8bb5cebef0e1baf69d35ec3e1367062b9d2af9aa654d97e9cdcecca9c12bc73d9097c38a9c7e6dc11f103a
-
SSDEEP
3072:dLU+ln+doWgHRVIceekE8Nb3+hwx6vOc5jOpP6AOSrzHnZpy:Rh+dYI4dwx6Oc5MPPpH
Score1/10 -
-
-
Target
SynapseCrack/bin/SLAgent.dll
-
Size
6.0MB
-
MD5
9b248dfff1d2b73fd639324741fe2e08
-
SHA1
e82684cd6858a6712eff69ace1707b3bcd464105
-
SHA256
39943c30732988289ca346902f007a72124bd98b82e08b0b9739241cdab4018e
-
SHA512
56784a895f113088e3c92ccd96f354473e5d849fb9d0798868ff5e9477f60854e8bc7c9759c63417c9298f8702abab266722439b445977c6e940da393b8b696c
-
SSDEEP
98304:whgYUp+QvBY2uccY07B1nG9CHvaxFNErtcKXc17TEBT0VBTFX3NwwJqOft:w2j8YCRGEP0iOvuT0FXKwt
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks whether UAC is enabled
-
-
-
Target
SynapseCrack/bin/SynapseInjector.dll
-
Size
6.0MB
-
MD5
9b248dfff1d2b73fd639324741fe2e08
-
SHA1
e82684cd6858a6712eff69ace1707b3bcd464105
-
SHA256
39943c30732988289ca346902f007a72124bd98b82e08b0b9739241cdab4018e
-
SHA512
56784a895f113088e3c92ccd96f354473e5d849fb9d0798868ff5e9477f60854e8bc7c9759c63417c9298f8702abab266722439b445977c6e940da393b8b696c
-
SSDEEP
98304:whgYUp+QvBY2uccY07B1nG9CHvaxFNErtcKXc17TEBT0VBTFX3NwwJqOft:w2j8YCRGEP0iOvuT0FXKwt
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks whether UAC is enabled
-
-
-
Target
SynapseCrack/bin/cef_100_percent.pak
-
Size
639KB
-
MD5
f9584dcc12af247be531f348c856f65a
-
SHA1
6c78561f7641a0a68a3a668e45a4d72962ffd878
-
SHA256
5d1dc0f08500369842b83750a07d3dd0230b3246c492784b5cb26cba2c4a40d4
-
SHA512
55f611be62ca6e2cf9736bd8b68d0a0c7a5468d650e96863bd3322e7d5e845887313b8e45125d9e1a9608a455726fc769f01049d47e983a5aeebc910555e79d7
-
SSDEEP
6144:1wAiHcSjalRrd0E6mdXR31wLzwVyT5TNhx5c1YC7x10fSucY7OP2ITQ:1wA2h5Tbgf1d/dQ
Score1/10 -
-
-
Target
SynapseCrack/bin/cef_200_percent.pak
-
Size
790KB
-
MD5
498133d9ffbdee7d8996cbd4cbd944da
-
SHA1
eb26f9e98509931e22c18c2a469a698bfef0b5fd
-
SHA256
b362be1e8853b97afb22d6611b6c480127ef7a478c79d8ef7b3cbc070e4abaab
-
SHA512
a2ccd21ce6302f7552f31217aeebd6a7399eac9829d0240346bc0512bad940a2f04108fccb821e13c43b18f6f0a665d3bda25da6099b899d699b60082074ddf2
-
SSDEEP
6144:nAiHcSjalRrd0E6mdXR31wZDQYaR+9bGHgs4jTl+TNNz73QYV85u/oFYvwoytKiM:nA22fIegs4jTITDg5u/oFFpxLlFYb
Score1/10 -
-
-
Target
SynapseCrack/bin/cef_extensions.pak
-
Size
1.7MB
-
MD5
79213c18bddffae6044263d883464200
-
SHA1
711ed6d95e1de97eda384aab9b9b102d7718641e
-
SHA256
858eceabe965e0dbe74b12d4403b9ad0fb1e23248bb2b0250f8d42e6229f7bb4
-
SHA512
6a172b56213926c6dc18afcb1d10c8e4d09e8a16cb7209bf0e3cd7f17b25992d0ef17ebb070ea14a684d37e00993b7db79dfddd8500433e99812c2e94f2fe6d7
-
SSDEEP
49152:Cecrl/5VsBDeI6OG1hdAKeGJIJzIe77HgryM726Y:gT1h8GItFgGMy6Y
Score1/10 -
-
-
Target
SynapseCrack/bin/chrome_elf.dll
-
Size
788KB
-
MD5
6499ea6b92ab4971886bd06c12625819
-
SHA1
5ebb75eeca7625b9511233158a02f50a92867a39
-
SHA256
6820f276c0d71557a0c7b997fd2f4a3ac6a45c86454c4dc3bcfa29843b5c470b
-
SHA512
e57703730e42eb9d80e762337e08176705b349f54fbd429edc657d44c9dc3a1f9ccfa594bc3ef622798aebb5bc69b225abb266b00f9b350ae59f734c2f31f63d
-
SSDEEP
12288:bCr6Tisy+fUv6cwQhl0j+iBQIR+ybWlkkswiS1cVlqoKe9+nIMQbNt:Wr6Tisy+fUv6cwQhlcbWFi8iDjD
Score1/10 -
-
-
Target
SynapseCrack/bin/d3dcompiler_47.dll
-
Size
3.5MB
-
MD5
f76b1d2cd95385b21e61874761ddb53a
-
SHA1
e5219dc55dcd6b8643e3920ad21d0640fd714383
-
SHA256
8bf0eeb5081d8397e2f84f69449c8a80d9c0cdcf82bcef7a484309046adcb081
-
SHA512
8e5c6541bbea6730c4f6392439454f516d56ac9ad6d6b55336e52361cc80a35fbed8a90d58020d92fa4ac9fcfeee6c280754a9e99cc32bae901b00306626e69f
-
SSDEEP
49152:fjmJAksRXmBNgC9ITPPE8WHmy0HRZ+kyOzDJn5c5v5H3pqC23u6q+25omPEyXzjl:fy2Ckrj+kyOv2MJ+6q8kbqS/Ai
Score3/10 -
-
-
Target
SynapseCrack/bin/j3FlK5zDyYtNpwB.bin
-
Size
2.4MB
-
MD5
89c1ed9b8f26601e87e78e9bef226f6b
-
SHA1
b7a9f82784e067eee0b9649ff756a8f209f153f6
-
SHA256
6cc9a31f3b52a785f27b0ac6dfc2cecfbb39b2a71ce1a19247524f81095a4df2
-
SHA512
31a3d2c4da8d1a12780f1baf6d2302b616ff4cb0db61126d815cb1d114387c6ae58f63305ed08cba097eeab288f282b5d5cd1c1de6e80873bb061ca8ebc9c802
-
SSDEEP
49152:Rjs22TkQ8r6m1MbgGFM68QwrL2MOiieyHJS9Ob9rO0eOpNvtJpl2:dsh8+ZJF2f2MZ8iOb9rO0eSNvtJp
Score1/10 -
-
-
Target
SynapseCrack/bin/libEGL.dll
-
Size
306KB
-
MD5
a6bff6c3e64d7e0b93361c7696783e96
-
SHA1
b86339ad28e87c523b6c8bf9ff8787d5d390bd51
-
SHA256
f808b62775fd4a422e4fcff733ef185e7846e76c533e464cfeaddc96a25a8887
-
SHA512
c271243438ba54f27d6bd02d38ba4620199fda0ba9b373bfb7522fd128fc32e4028ff9ef9e02668f78c0f86446af3b3a4f8fcc2263e53301553f9a140816e65f
-
SSDEEP
6144:wfGwxWv6tN2phvpaKHBvb5ZzaYudGGWMfe/tpEEfh8odAcHH6cG:w+wxWyn2pFvb5ZzIsGWMfe/TtSodVn6c
Score1/10 -
-
-
Target
SynapseCrack/bin/libGLESv2.dll
-
Size
6.4MB
-
MD5
48bd3bf564d6592417ee5cae16e34e6e
-
SHA1
f29f91d5863be99267cec7bbe8cb51159a7a3adf
-
SHA256
53a7ea40cd589683dfb57ee0f187d6f3e373b2df5a3e0129c41a5c1e7de5d0c0
-
SHA512
c9da5cc25b29bf1b5cdc3de42650e6d893ae89b8451fb67a8a1e4f5df9d71d503b5e010a17540d46e96c1244d58c2490f0b8d5380a98337cbb7bf13b69101683
-
SSDEEP
98304:+/p3sY6QaLuk1s0EU0qf8zRfU4WIIIMBtLLdAr16KH57wemx7+lw:E36QffqfGpU4WIyFLdoEQWk
Score3/10 -
-
-
Target
SynapseCrack/bin/vWMJ8rdGYA3jWk3bqJB.exe
-
Size
2.4MB
-
MD5
89c1ed9b8f26601e87e78e9bef226f6b
-
SHA1
b7a9f82784e067eee0b9649ff756a8f209f153f6
-
SHA256
6cc9a31f3b52a785f27b0ac6dfc2cecfbb39b2a71ce1a19247524f81095a4df2
-
SHA512
31a3d2c4da8d1a12780f1baf6d2302b616ff4cb0db61126d815cb1d114387c6ae58f63305ed08cba097eeab288f282b5d5cd1c1de6e80873bb061ca8ebc9c802
-
SSDEEP
49152:Rjs22TkQ8r6m1MbgGFM68QwrL2MOiieyHJS9Ob9rO0eOpNvtJpl2:dsh8+ZJF2f2MZ8iOb9rO0eSNvtJp
Score1/10 -
-
-
Target
SynapseCrack/workspace/Aimbot 3.0.txt
-
Size
98KB
-
MD5
a026af0c23f83d6ec3ee17a4453c7dcf
-
SHA1
e707b0ebf1eac194e90c70767ee29a1c37e1a4a2
-
SHA256
81fe4c1f8cbcf06e43a347fd8c39ceef960995031ae71db385c28636dfce3ec8
-
SHA512
9817501504aa1b4777f8d0b10c9776d224e0aa38e9ca91a6c80d472d5b5ceafac2e507c335a2bd9959073d74912825e1361bae699404b8c3bcdd9306b85c1b79
-
SSDEEP
1536:3N+t5Lq6w48qJ4UJe6wyG9EeG251GX/J3GC1Zqn+MVpx2RnB:kt5L0UJe6wyG9EeG251GX/J3GC1ciVB
Score1/10 -
-
-
Target
SynapseCrack/workspace/Aimbot.txt
-
Size
30KB
-
MD5
3ea5f844c18f550a3db09193c56594e8
-
SHA1
389968ae4228908180ba68ecfab2ddfabeb0966b
-
SHA256
d33d3205288b776d977ad0047647bc8d40b83bc7d4f190f86f1011c8b417e983
-
SHA512
8af81e52e74950a1961ad004400140386b0ad3d49d64e9617ad12d4550a4b1699eddf8e79849a32cdbdad034f25ee535430de9bef0513758e48b29a54d52b440
-
SSDEEP
768:DW6T+ELiUI29j8vVwP8UkSVDYtDkYNighmLlmyEDKtpWpJ7xwrs5SwG1NBbp0Bwh:iYTEK0y
Score1/10 -
-
-
Target
SynapseCrack/workspace/CC Aimbot.txt
-
Size
23KB
-
MD5
3ab630b89a082862b82b552185ea4f84
-
SHA1
703658e38cb131e6e53491f437a2e7e80a19ba82
-
SHA256
54cba20aa0213ce83ed348763db0b17a55e4f39fbeae2ef0535ccf76b95bf622
-
SHA512
9c290dd73db4425643f52f5f72c9c4d55666071141f3efd696e4b757b46ebf9fc6bb964ed61f3d9e3ddcbdf4073850041a43b9df6dbf50fcace9382d875fe77b
-
SSDEEP
384:vP89lT07hqwp4EfExaDMluPQhKj8NTtXNKCkqJKcGfOtCZukLQKfb/eo5H+mYxsa:vP8XT07hqwp4EfExaDMluPQhKj8NTtXR
Score1/10 -
-
-
Target
SynapseCrack/workspace/Dex Explorer v2.txt
-
Size
632KB
-
MD5
317fec7c823a6ba4ad613220b587a0e8
-
SHA1
3884e8a9a9122e7912c76c919f20c1b9d274f505
-
SHA256
5573cc6f439511c5ec73b0c88af87bce49cac37475aa32da5b75b931f632a3dc
-
SHA512
d5adc2137051ab321197d0a2261ab991f5bf16e0271485c64b66679d863efb58191fe269fc40aa39feefd380b28d33168a6910b7ec40dedd2974e6d1d2db0bad
-
SSDEEP
12288:fyXiPr7Gja8LsZuN6nQRXONQDKZsjOCBkVgfgLcbVgBe28Vk9Gm1OvClEjmD1Szi:fyXiPr7Gja8LsZuN6nQRXONQDKZsjOC0
Score1/10 -
-
-
Target
SynapseCrack/workspace/Dex Explorer.txt
-
Size
772KB
-
MD5
a39e58e282d7f358148657f364697868
-
SHA1
d0daa24f30aa7ce2e77b9ced33ffa328b306afa9
-
SHA256
694ee92839e98635a3597f19deeabfde45efa44399c08ae9602bab145cc3f141
-
SHA512
242868b3d3494f42a9dba7989149c947d4b2efa93ab277053bf711d4db782e6b8b2af2a7d607105126a2023ca9eaba12259c327d6bc7eb4944e17f99c81b1a76
-
SSDEEP
6144:8omu2T2otUaomQcEZVGkJuMaZoJ86loiZRD6uhZF+1DtyrQ44/R04NRpFbalISzS:eYTeC8
Score1/10 -
-
-
Target
SynapseCrack/workspace/Mad City 2.txt
-
Size
266KB
-
MD5
1f2e26cfc004bdc2f2de0679c8ff2568
-
SHA1
82f610d4b99fd08b52ffdd7d23b9f036bdcf27ba
-
SHA256
629a0b979031a8b94d19e55cc1974c1361b491b005ca6b2f849265c5812b39f4
-
SHA512
155fd7696881f01e401028f39e123a3023d5f84dab1a41c8b0440587b00aa8d4bab6654414c6e5a49ffae69734cbf2f0dac68cb1106a717e4216c69ef762103b
-
SSDEEP
3072:VS2T6iABa4FZmn//HRR4OhRUU8EdPpES4xFdbIy91oH34O91N8sh/:VVTPzYZmnnoOLUzEdR34xFdbIUoXJisB
Score1/10 -
-
-
Target
SynapseCrack/workspace/Orca Hub.txt
-
Size
337KB
-
MD5
43a5e8e3568866547fc895697f0724a2
-
SHA1
87220ac44f6b382833ee71d64a48dd44bf0420fc
-
SHA256
8b978e5a46f1887998cb26b0f4ecb6ae2a70e991dc4154f1b659ec38e30df464
-
SHA512
7fbd8c5a5b8b7c8c5cc58a1298ed829ba9d952e410efe19bcbbb4284ba21c9dbcb1d55f3b6e20884a0b088979fe271bb2a430b586e77032b94f5280ebdf432f5
-
SSDEEP
3072:/Gq1S9UrOJ5zrBoPz1rV3Ghf+4mPWEXod/2QG:/Gq1S9UrOJ5zr2Pz1rc+4+
Score1/10 -
-
-
Target
SynapseCrack/workspace/OxieHub.txt
-
Size
934KB
-
MD5
7134fce9dfe14c989ad2b364e67bb849
-
SHA1
e5c4332313fbbc8f6e5c4674d0f9c1ad198d6b59
-
SHA256
c05f6e333b5d6d3001e18866bf905432bfd3161b711d277667d7f80834a6309e
-
SHA512
313a5b3f98b01caa2113688b516d6df81088b56d0830509ec722c66bb6d5b2c2023644e234a7fa3e0a6482df99ca4ebabb4af9a91a7cbc6c72d110d7f6adc948
-
SSDEEP
24576:bZNispDUXheiuvliqNRMYZO0fMJqM3N72:bZj8R4ihYZO0fMJqINy
Score1/10 -
-
-
Target
SynapseCrack/workspace/TopKek V3.txt
-
Size
81KB
-
MD5
9e488b83078daf39e6f15f90c8d689cf
-
SHA1
8602a9d4ecb5c4ea52f096e60b72607731c62277
-
SHA256
c40fe38b134a8484794b773a363377ec8b37ed8bb5b5c88e182f4f7acc60b4c8
-
SHA512
a86b60e792572ecc512ffad6eab8c271da206fe108d03c9c0156b5eea7a889c61943e88480a14f51ca787c79d084bc099cd3b01e7b5569e6149b3b079a45839a
-
SSDEEP
768:l9dGinWaivTGFMoN6x94g+SnITXinAUJj0WFtdefC3ELZ7KhJDr0RzKokMy23ckW:Y3sr7b8W2PSh0gpNtiVtB
Score1/10 -