SYNSOPOS[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SYNSOPOS.exe
Size

557KB
MD5

4db61bb0507db84cbcee7ca0f15db06b
SHA1

eb0a82fb7e04bd797d7ae58f692e34b4ce81a2e0
SHA256

4d588214071c9670efff3faecee074d9e9a5f90a3826569759f0828270a72b46
SHA512

f4dd9b2c3aa0b76bf721b493863c1737aff062ae60aa3db62cbf669702b7aab106ea29cbddcbbd24da5331f99a8cf1f0f46950edfe56dfb899afb8206eddaa4a
SSDEEP

12288:mzoQ4g7GpEC/iLTZiZamzQlCS1tDcnRaxQqubZxeIMDiWE+3Sqi5D2QBFEy2F4jj:mcI7GpEC/+iA9/1t7xQqf6WE+3Sqi5Dn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SYNSOPOS.exe

Files

SYNSOPOS.exe
.exe windows x86

bb27fba83ece536756d6a63ce923e850

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

winmm

timeGetTime

user32

wsprintfA

advapi32

RegCloseKey

shell32

SHGetFolderPathA

ole32

StringFromIID

oleaut32

UnRegisterTypeLi

version

VerQueryValueA

setupapi

SetupDiGetClassDevsA

iphlpapi

GetAdaptersInfo

Sections

.MPRESS1
Size: 470KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE