Synapse^X[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

Synapse^X.rar
Size

9.5MB
MD5

553488f43ce64b225d7d623a4ec8c5d7
SHA1

7d35b69d3c2fdb985f5c2c352f7f3226dfeb7356
SHA256

aff39c9c28c0b578f2b6605fb6ace95332e3442659c6cee1a0e8027b6bf40854
SHA512

7d0aa651d4379a3ba2ec4aaa8ab158b697161f25f20dcde4a9dd64a8ba4e7b94a6fcc5337c95f6b670b49135ac9be1577bbf9510f36d8360c0a44866a389f67e
SSDEEP

196608:KL6bJGBnR4FKGrWzhWU8rqVfIPDnDRcW+EcxY2byi54zbTnjKHpGE3O5QFcz:q6lGR4FK8WVWX6QrntSYQMzXnjKHpGEg

Score

1^/10

Malware Config

Signatures

Files

Synapse^X.rar
.rar

Password: 1234
Synapse^X/READVE.log
Synapse^X/S^X.exe
.exe windows x86

Password: 1234

f553b8ac04465266a97d8a15318f0208

Code Sign

33:00:00:02:cb:b7:75:39:fb:02:71:42:36:00:00:00:00:02:cb
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:45

Not After

11/05/2023, 20:45

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9b:f3:33:24:6c:3d:33:7a:f4:84:e1:d7:ff:8f:ed:06:cf:d5:3f:06:57:6f:4e:58:76:97:57:e6:cb:63:19:95
Signer

Actual PE Digest

9b:f3:33:24:6c:3d:33:7a:f4:84:e1:d7:ff:8f:ed:06:cf:d5:3f:06:57:6f:4e:58:76:97:57:e6:cb:63:19:95

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

13/04/2023, 18:10
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleA
FreeConsole
MultiByteToWideChar
GetProcAddress
GetCommandLineA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

gdi32

CreateFontIndirectA
SelectObject
SetTextColor

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 258KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Synapse^X/auth/0968c848-ebf6-4e37-897a-c2dfdd405406.tmp
.gz

Password: 1234
0968c848-ebf6-4e37-897a-c2dfdd405406.tmp
.js
Synapse^X/auth/18e190413af045db88dfbd29609eb877.db
Synapse^X/auth/18e190413af045db88dfbd29609eb877.db.session64
Synapse^X/auth/287de831-8b7d-4bdb-ad2d-3697a1c11eba.tmp
.gz

Password: 1234
287de831-8b7d-4bdb-ad2d-3697a1c11eba.tmp
.js
Synapse^X/auth/40ddcf86-6db1-403b-9b8f-7b3ca4413d90.tmp
.gz

Password: 1234
40ddcf86-6db1-403b-9b8f-7b3ca4413d90.tmp
.js
Synapse^X/auth/50E8F633-2AE4-4CB3-BF6B-7EAF919A0643.Diagnose.0.etl
Synapse^X/auth/720d3f78-0e86-4a1c-84b2-7181d55f1623.tmp
.gz
720d3f78-0e86-4a1c-84b2-7181d55f1623.tmp
Synapse^X/auth/72b168f9-3f84-48a1-ae87-d4daee7b63d0.tmp
.gz

Password: 1234
72b168f9-3f84-48a1-ae87-d4daee7b63d0.tmp
.js
Synapse^X/auth/7fdc6cad-fa1f-4aec-86a5-69786e4ab7c0.tmp
.gz

Password: 1234
7fdc6cad-fa1f-4aec-86a5-69786e4ab7c0.tmp
.js
Synapse^X/auth/841aa69d-587f-4740-8b5e-049ed341932f.tmp
.gz

Password: 1234
841aa69d-587f-4740-8b5e-049ed341932f.tmp
.js
Synapse^X/auth/862f7fbf-9526-4f8e-a6bb-e163d1326cd1.tmp
.gz
Synapse^X/auth/9d5cba0e-4b45-42d1-bd09-be22333416e9.tmp
.gz
Synapse^X/auth/9e8b9207-78fd-4755-9f65-29c6d9fa2479.tmp
.gz

Sharing

General

Malware Config

Signatures

Files

Password: 1234

Password: 1234

f553b8ac04465266a97d8a15318f0208

Code Sign

33:00:00:02:cb:b7:75:39:fb:02:71:42:36:00:00:00:00:02:cbCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

9b:f3:33:24:6c:3d:33:7a:f4:84:e1:d7:ff:8f:ed:06:cf:d5:3f:06:57:6f:4e:58:76:97:57:e6:cb:63:19:95Signer

Signature Validations

Verification

13/04/2023, 18:10 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 258KB - Virtual size: 261KB

.rsrc Size: 2KB - Virtual size: 1KB

Password: 1234

Password: 1234

Password: 1234

Password: 1234

Password: 1234

Password: 1234

33:00:00:02:cb:b7:75:39:fb:02:71:42:36:00:00:00:00:02:cb
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

9b:f3:33:24:6c:3d:33:7a:f4:84:e1:d7:ff:8f:ed:06:cf:d5:3f:06:57:6f:4e:58:76:97:57:e6:cb:63:19:95
Signer

13/04/2023, 18:10
Valid: false

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 258KB - Virtual size: 261KB

.rsrc
Size: 2KB - Virtual size: 1KB