c2436cd762feff1292a54c5337ff1a8f1acd3c3599729f8d3edca92eaca37597 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Synapse.exe
Size

19.4MB
Sample

230411-spp86aeh5x
MD5

c3f140bf63bbf4ade62a8a23e9bd6f20
SHA1

5b2b49995dbb30319d2a223ecaf307193b59c9a5
SHA256

c2436cd762feff1292a54c5337ff1a8f1acd3c3599729f8d3edca92eaca37597
SHA512

b5392c933ec84e3c132608676ae64691232e3a5745282be45bd7092555d646b4dd071452911a3e0c2be771d8bbdd24edc80da9580c13a4ed6fbc06d51d07331c
SSDEEP

393216:fxdyJhooqHN8L2Vmd6ml/m3pqc/eO47G99M9BJHcSWJ5V6xM+iLIXENOlh:fzyJ+zHWyVmdXKquP+15U5CM+iLNOl

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  Synapse.exe
- Size
  
  19.4MB
- MD5
  
  c3f140bf63bbf4ade62a8a23e9bd6f20
- SHA1
  
  5b2b49995dbb30319d2a223ecaf307193b59c9a5
- SHA256
  
  c2436cd762feff1292a54c5337ff1a8f1acd3c3599729f8d3edca92eaca37597
- SHA512
  
  b5392c933ec84e3c132608676ae64691232e3a5745282be45bd7092555d646b4dd071452911a3e0c2be771d8bbdd24edc80da9580c13a4ed6fbc06d51d07331c
- SSDEEP
  
  393216:fxdyJhooqHN8L2Vmd6ml/m3pqc/eO47G99M9BJHcSWJ5V6xM+iLIXENOlh:fzyJ+zHWyVmdXKquP+15U5CM+iLNOl
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2