General

  • Target

    Razer_Synapse_Framework_V1.18.17.22533.exe

  • Size

    53.2MB

  • Sample

    231203-e1q3yahe2v

  • MD5

    b1a9b88aa04186bc82c531ffd34188d8

  • SHA1

    66ff8b1136c7ade6273f63ae3befa6b810f65998

  • SHA256

    261e91b02c52ad7f228d0af2aae403a694daf312b72c1afa292b2d3bc6a9f7c6

  • SHA512

    b2d4e3ed8402d5fe89a4d61cfa1d866bdbe2fdcda8c00775918d762df261c8905116a8c3e0e2c262ff74a5130553ecc0c3fe4d5a176240ccdf7ea026dd7b66b8

  • SSDEEP

    1572864:Z0pomZnY/0KL709NXHersAUAzJn5nUl2lA4pjs9x:Z0lnY/0Kn0XHRJ45n3lfpjqx
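
The first thing a practitioner does with a report like this is confirm that the file in hand is the same sample. The following Python is an added example, not part of the original report or the sandbox's tooling: it reads a file once, computes MD5, SHA1, SHA256 and SHA512 in a single pass, and lists which of the published digests do not match. SSDEEP is a fuzzy hash that needs the separate `ssdeep` library and is deliberately left out; the `digest_bytes` helper exists only so the check can be exercised on in-memory data.

```python
"""Verify a local file against the digests published in this report.

Added example, not part of the original report. One read of the file
feeds all four hashers, so checking a 53 MB installer costs one pass
rather than four. SSDEEP is omitted (fuzzy hash, external library).
"""
import hashlib
import io

# Digests copied from the report above.
REPORTED = {
    "md5": "b1a9b88aa04186bc82c531ffd34188d8",
    "sha1": "66ff8b1136c7ade6273f63ae3befa6b810f65998",
    "sha256": "261e91b02c52ad7f228d0af2aae403a694daf312b72c1afa292b2d3bc6a9f7c6",
    "sha512": "b2d4e3ed8402d5fe89a4d61cfa1d866bdbe2fdcda8c00775918d762df261c8905116a8c3e0e2c262ff74a5130553ecc0c3fe4d5a176240ccdf7ea026dd7b66b8",
}


def digest_stream(fp, chunk_size=1 << 20):
    """Compute every algorithm in REPORTED over a binary stream in one pass."""
    hashers = {name: hashlib.new(name) for name in REPORTED}
    for chunk in iter(lambda: fp.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path):
    with open(path, "rb") as fp:
        return digest_stream(fp)


def digest_bytes(data):
    """Helper for in-memory data (used for testing; not needed for real files)."""
    return digest_stream(io.BytesIO(data))


def check_against_report(digests, reported=REPORTED):
    """Return the sorted names of algorithms whose digest differs from the report.

    An empty list means every published digest matched.
    """
    return sorted(
        name for name, expected in reported.items()
        if digests.get(name, "").lower() != expected.lower()
    )


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        mismatched = check_against_report(digest_file(path))
        status = "MATCH" if not mismatched else "MISMATCH on " + ", ".join(mismatched)
        print(f"{path}: {status}")
```

A single mismatching algorithm with the others matching is itself worth noticing: it usually means a transcription error in the report rather than a different file, since producing a collision on one strong hash while the others still agree is not a realistic attack.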

Targets

    • Target

      Razer_Synapse_Framework_V1.18.17.22533.exe

    • Detect PureLogs payload

    • PureLogs

      PureLogs is an infostealer written in C#.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
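
The behavioural signatures listed above are the sandbox's conclusions, not raw evidence; each one is a rule matched against the API calls the sample made while it ran. The Python below is an added illustration of how such rules work, not the sandbox vendor's own signature engine. The trace format `(pid, api, target)`, the API names and every event in `TRACE` are constructed for the example; the real sample's call trace is not reproduced on this page. The "dropped" rules are stateful: an EXE or DLL only counts as dropped if the same trace earlier shows the sample creating it, which is why a plain LoadLibrary of a system DLL does not fire.

```python
"""Signature-style triage over a sandbox API-call trace.

Added example, not the sandbox vendor's signature engine. The trace
format, API names and events are constructed to show how behavioural
signatures like the ones in this report are derived from activity.
"""
import re
from collections import defaultdict

# Constructed API trace for illustration only; not calls observed from
# the real sample. Each entry is (pid, api, target path or registry key).
TRACE = [
    (1234, "CreateFileW",    r"C:\Users\user\AppData\Local\Temp\updater.exe"),
    (1234, "CreateFileW",    r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    (1234, "CreateFileW",    r"C:\Windows\System32\svc.dat"),
    (1234, "RegOpenKeyExW",  r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    (1234, "RegEnumKeyExW",  r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    (1234, "GetDriveTypeW",  "C:\\"),
    (1234, "GetDriveTypeW",  "D:\\"),
    (1234, "RegSetValueExW", r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Updater"),
    (1234, "CreateProcessW", r"C:\Users\user\AppData\Local\Temp\updater.exe"),
    (5678, "LoadLibraryW",   r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    (5678, "LoadLibraryW",   r"C:\Windows\System32\kernel32.dll"),
]

# Patterns behind each signature. Run and RunOnce are both autostart
# locations; Uninstall is where installed software registers itself.
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
UNINSTALL_KEY = re.compile(r"\\CurrentVersion\\Uninstall$", re.I)
SYSTEM32_DIR = re.compile(r"^C:\\Windows\\System32\\", re.I)
DRIVE_ROOT = re.compile(r"^([A-Z]):\\$", re.I)

# APIs this constructed trace treats as "the sample wrote this file".
# A real trace would also carry the requested access mask (assumption).
FILE_WRITE_APIS = {"CreateFileW", "NtCreateFile"}


def match_signatures(trace):
    """Return {signature name: [matching targets]} for an API trace."""
    hits = defaultdict(list)
    dropped = set()  # lower-cased paths the sample itself created
    for _pid, api, target in trace:
        key = target.lower()
        if api in FILE_WRITE_APIS:
            dropped.add(key)
            if SYSTEM32_DIR.match(target):
                hits["Drops file in System32 directory"].append(target)
        elif api == "RegSetValueExW" and RUN_KEY.search(target):
            hits["Adds Run key to start application"].append(target)
        elif api in ("RegOpenKeyExW", "RegEnumKeyExW") and UNINSTALL_KEY.search(target):
            hits["Checks installed software on the system"].append(target)
        elif api == "GetDriveTypeW":
            m = DRIVE_ROOT.match(target)
            # Probing C:\ is normal; any other drive root counts as enumeration.
            if m and m.group(1).upper() != "C":
                hits["Enumerates connected drives"].append(target)
        elif api == "CreateProcessW" and key in dropped and key.endswith(".exe"):
            hits["Executes dropped EXE"].append(target)
        elif api == "LoadLibraryW" and key in dropped and key.endswith(".dll"):
            hits["Loads dropped DLL"].append(target)
    return dict(hits)


if __name__ == "__main__":
    for name, targets in match_signatures(TRACE).items():
        print(name)
        for t in targets:
            print("   ", t)
```

Note what the rules do and do not establish: "Checks installed software" fires on any enumeration of the Uninstall key, which legitimate installers (including a real Razer Synapse package) also do, so on its own it is weak evidence; the combination with a Run key write and execution of a self-dropped EXE is what makes the set worth escalating.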
