General
Target: Synapse X.exe
Size: 6.9MB
Sample: 230316-v2fatscb27
MD5: a8a15efa4939cd7c4d88ea205c7276d2
SHA1: 9afc28f629de1345a4c941bd960252b2a8937ffb
SHA256: ea70745c596123b401d314045333b7cb01d4183c9fba16e398ff68d199415d27
SHA512: f7b2ceb002e0c36bcb68c09443fa1ad19521520c52f9d79e95570e4b725e9695974600afb6941875e70852e4e926d6ab396d8df8601fb9510b2ff03af890018b
SSDEEP: 98304:wUhz6Tu64qLGvyranJRfn/SDFAxFpajSULiL5Jb0eKeoXJRfRYR72rSoxCpQhC:Vl+4rqra7aFCFpaLObJKDJR5MqhAehC
Malware Config
Targets
Target: Synapse X.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-