General

Malware Config

Signatures

Files

• Synapse X.exe

  .exe windows x64

  Password: infected

  
  

  Code Sign

  0b:24:83:07:ad:c3:3c:3a:f5:97:fa:a5:a7:90:37:94

  Certificate

  Issuer

  CN=DigiCert Cloud Services CA-1,O=DigiCert Inc,C=US

  Not Before

  03-05-2022 00:00

  Not After

  02-05-2023 23:59

  Subject

  CN=portal.office.com,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  5f:74:9c:d6:2c:ff:11:46:b6:d3:43:17:13:d4:2d:bc:a3:ff:3c:64:ba:40:1d:6c:51:ba:24:45:9f:4e:8e:a4

  Signer

  Actual PE Digest

  5f:74:9c:d6:2c:ff:11:46:b6:d3:43:17:13:d4:2d:bc:a3:ff:3c:64:ba:40:1d:6c:51:ba:24:45:9f:4e:8e:a4

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=portal.office.com,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  16-03-2023 15:37

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DEBUG_STRIPPED

  Sections

  Size: 28KB - Virtual size: 55KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  Size: 3.5MB - Virtual size: 3.5MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 3KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  Size: 2KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  Size: 1024B - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .bss

  Size: - Virtual size: 3KB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 512B - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 512B - Virtual size: 104B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 512B - Virtual size: 16B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 14KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 512B - Virtual size: 148B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .idata

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 14KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .themida

  Size: - Virtual size: 5.7MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .boot

  Size: 3.3MB - Virtual size: 3.3MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .init

  Size: 512B - Virtual size: 512B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 16B - Virtual size: 4KB

  IMAGE_SCN_MEM_READ