Analysis
-
max time kernel
150s -
max time network
32s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
02-06-2023 14:22
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
synapse-v2-launcher-12-5-22(1).zip
Resource
win7-20230220-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral2
Sample
synapse-v2-launcher-12-5-22(1).zip
Resource
win10v2004-20230220-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
README.txt
Resource
win7-20230220-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral4
Sample
README.txt
Resource
win10v2004-20230220-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral5
Sample
Synapse Launcher.exe
Resource
win7-20230220-en
windows7-x64
11 signatures
150 seconds
General
-
Target
synapse-v2-launcher-12-5-22(1).zip
-
Size
351KB
-
MD5
b03b887ae392b6f33fad562becfc0482
-
SHA1
101c2388c16ca7678a8426739ec7a1b505a6f6aa
-
SHA256
93db5f4e53b9c0514b9c0c4c562be8d8e7c3d64f8542c03b7e7f032a9c5d0c55
-
SHA512
0c1cd2e1f5c32b76aa8c994b6399acf81c6f9e2558e120d2eefcde9628a162fa4c3c74aae519a59640f49ee6ca1a33f3faeeaea5e8c02aef9749af0c74d4dc73
-
SSDEEP
6144:tIYeWfLyWEuLGqsdGNNG5cbM8b1O+cy8xHZ/Lm/nukJxxUO3atM/bc1TEia:tyW5EuKwNNyOHc9xHZy/nVtUOL+T4
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
Processes:
taskmgr.exepid Process 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
taskmgr.exepid Process 1612 taskmgr.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
taskmgr.exedescription pid Process Token: SeDebugPrivilege 1612 taskmgr.exe -
Suspicious use of FindShellTrayWindow 64 IoCs
Processes:
taskmgr.exepid Process 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe -
Suspicious use of SendNotifyMessage 64 IoCs
Processes:
taskmgr.exepid Process 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe 1612 taskmgr.exe
Processes
-
C:\Windows\Explorer.exeC:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\synapse-v2-launcher-12-5-22(1).zip1⤵PID:1992
-
C:\Windows\system32\taskmgr.exe"C:\Windows\system32\taskmgr.exe" /41⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1612