General

  • Target

    synapse-v2-launcher-12-5-22.zip

  • Size

    351KB

  • Sample

    230331-3jg1psfg3y

  • MD5

    b03b887ae392b6f33fad562becfc0482

  • SHA1

    101c2388c16ca7678a8426739ec7a1b505a6f6aa

  • SHA256

    93db5f4e53b9c0514b9c0c4c562be8d8e7c3d64f8542c03b7e7f032a9c5d0c55

  • SHA512

    0c1cd2e1f5c32b76aa8c994b6399acf81c6f9e2558e120d2eefcde9628a162fa4c3c74aae519a59640f49ee6ca1a33f3faeeaea5e8c02aef9749af0c74d4dc73

  • SSDEEP

    6144:tIYeWfLyWEuLGqsdGNNG5cbM8b1O+cy8xHZ/Lm/nukJxxUO3atM/bc1TEia:tyW5EuKwNNyOHc9xHZy/nVtUOL+T4

Malware Config

Targets

    • Target

      synapse-v2-launcher-12-5-22.zip

    • Size

      351KB

    • MD5

      b03b887ae392b6f33fad562becfc0482

    • SHA1

      101c2388c16ca7678a8426739ec7a1b505a6f6aa

    • SHA256

      93db5f4e53b9c0514b9c0c4c562be8d8e7c3d64f8542c03b7e7f032a9c5d0c55

    • SHA512

      0c1cd2e1f5c32b76aa8c994b6399acf81c6f9e2558e120d2eefcde9628a162fa4c3c74aae519a59640f49ee6ca1a33f3faeeaea5e8c02aef9749af0c74d4dc73

    • SSDEEP

      6144:tIYeWfLyWEuLGqsdGNNG5cbM8b1O+cy8xHZ/Lm/nukJxxUO3atM/bc1TEia:tyW5EuKwNNyOHc9xHZy/nVtUOL+T4

    Score
    6/10
    • Target

      README.txt

    • Size

      187B

    • MD5

      dc2b17ced7f566c8c8fa76e76388100e

    • SHA1

      85834c3ffdb8f58736da81835d2fd4612d729607

    • SHA256

      5e546413b92e3b07cc9bde569a8ecfd9fcbc6c5ff0a65608c893b927b8aacde7

    • SHA512

      08d003f8fe6893cc5cab1ab1a24dee0bdf6b44c024a630764770cfa66861b17dcddc82cde272241532e312c55ac432f8242c8ed14810b927e45a2c58ba7b4578

    Score
    1/10
    • Target

      Synapse Launcher.exe

    • Size

      788KB

    • MD5

      20e1eb6b9b733bbd26ac8be5be603de2

    • SHA1

      36beefc2467d94b5ec9ae843b2bb099898581bed

    • SHA256

      73af760ad2ffdd931210079ef4b719a1a8c41a864e7d0a39faa5c1783fb140d6

    • SHA512

      d486fc560f0f6d94428b58ae041a17053659e78c49fe9154ca9e642d692da43aeb7dd3f03b1aeb428ea398bdbdfab743960c2f0fa885cd97bc31655be2e42e0b

    • SSDEEP

      12288:GoK0iEH0u6YNNCObkXxHDc/n3jUOSpUMh:nipzXonoOSpUMh

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Downloads MZ/PE file

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled
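
The three registry-based behaviours listed for Synapse Launcher.exe (ACPI table names revealing VirtualBox, BIOS description values, and the EnableLUA UAC setting) can be picked out of a process-monitor style trace with a small classifier. The following is an added example, not the sandbox's own signature logic and not code from the sample: the trace format (`op|process|key|value`), the sample lines, the rule patterns and the weighting are this example's assumptions. The registry paths are the well-known locations for each check; only the VirtualBox ACPI name (`VBOX__`) is matched for the hypervisor case, since that is the one the report names.

```python
"""Flag anti-analysis registry reads in a sandbox trace (added example)."""
import re
from collections import defaultdict

# Constructed trace in a simplified "op|process|key|value" format.
# These lines are made up for the example and are not from the sandbox run.
SAMPLE_TRACE = "\n".join([
    r"RegOpenKey|Synapse Launcher.exe|HKLM\HARDWARE\ACPI\DSDT\VBOX__|",
    r"RegQueryValue|Synapse Launcher.exe|HKLM\HARDWARE\DESCRIPTION\System\BIOS|SystemManufacturer",
    r"RegQueryValue|Synapse Launcher.exe|HKLM\HARDWARE\DESCRIPTION\System\BIOS|SystemProductName",
    r"RegQueryValue|Synapse Launcher.exe|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA",
    r"RegQueryValue|Synapse Launcher.exe|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|OneDrive",
    r"RegQueryValue|explorer.exe|HKLM\HARDWARE\DESCRIPTION\System\BIOS|SystemManufacturer",
])

# Indicator rules: (tag, key pattern, value pattern or None when any access
# to the key counts). Patterns are this example's own, anchored on the
# well-known registry locations for each check.
RULES = [
    # ACPI tables are named after the firmware vendor; VirtualBox uses "VBOX__".
    ("acpi_vbox",
     re.compile(r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX", re.I),
     None),
    # SMBIOS strings exposed by the kernel; commonly read to spot VM vendors.
    ("bios_info",
     re.compile(r"^HKLM\\HARDWARE\\DESCRIPTION\\System(\\BIOS)?$", re.I),
     re.compile(r"^(System(Manufacturer|ProductName|BiosVersion)"
                r"|BIOS(Vendor|Version)|VideoBiosVersion)$", re.I)),
    # EnableLUA == 0 means UAC is off; malware reads it to pick an elevation path.
    ("uac_check",
     re.compile(r"^HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System$", re.I),
     re.compile(r"^EnableLUA$", re.I)),
]

# Example weighting: a lone BIOS read is weak evidence because legitimate
# software reads it too; an ACPI table named after a hypervisor is strong.
WEIGHTS = {"acpi_vbox": 3, "bios_info": 1, "uac_check": 1}


def parse_line(line):
    """Split one trace line into its four fields."""
    op, proc, key, value = line.rstrip("\n").split("|", 3)
    return {"op": op, "process": proc, "key": key, "value": value}


def classify(entry):
    """Return the indicator tag for a registry access, or None if benign."""
    for tag, key_re, val_re in RULES:
        if not key_re.search(entry["key"]):
            continue
        if val_re is None or val_re.search(entry["value"]):
            return tag
    return None


def summarize(trace):
    """Count indicator hits per process: {process: {tag: count}}."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in trace.splitlines():
        if not line.strip():
            continue
        entry = parse_line(line)
        tag = classify(entry)
        if tag:
            hits[entry["process"]][tag] += 1
    return {proc: dict(tags) for proc, tags in hits.items()}


def score(tags):
    """Sum the weight of each distinct indicator seen for one process."""
    return sum(WEIGHTS[t] for t in tags)


if __name__ == "__main__":
    for proc, tags in summarize(SAMPLE_TRACE).items():
        print(f"{proc}: score={score(tags)} {tags}")
```

Scoring per distinct indicator rather than per read keeps a process that polls the BIOS key in a loop from outscoring one that combines a VM check with a UAC check, which is the combination the report flags for this sample.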

MITRE ATT&CK Enterprise v6

Tasks