Overview

overview

7

Static

static

3

SynapseX A...or.exe

windows7-x64

7

SynapseX A...or.exe

windows10-2004-x64

7

SynapseX A...t__.py

windows7-x64

3

SynapseX A...t__.py

windows10-2004-x64

3

SynapseX A...bot.py

windows7-x64

3

SynapseX A...bot.py

windows10-2004-x64

3

SynapseX A...nts.py

windows7-x64

3

SynapseX A...nts.py

windows10-2004-x64

3

SynapseX A...x.html

windows7-x64

1

SynapseX A...x.html

windows10-2004-x64

1

SynapseX A...web.py

windows7-x64

3

SynapseX A...web.py

windows10-2004-x64

3

SynapseX A...t__.py

windows7-x64

3

SynapseX A...t__.py

windows10-2004-x64

3

SynapseX A...nts.py

windows7-x64

3

SynapseX A...nts.py

windows10-2004-x64

3

SynapseX A...go.ps1

windows7-x64

1

SynapseX A...go.ps1

windows10-2004-x64

1

SynapseX A...eme.py

windows7-x64

3

SynapseX A...eme.py

windows10-2004-x64

3

SynapseX A...39.ps1

windows7-x64

1

SynapseX A...39.ps1

windows10-2004-x64

1

SynapseX A..._1.ps1

windows7-x64

1

SynapseX A..._1.ps1

windows10-2004-x64

1

SynapseX A..._2.ps1

windows7-x64

1

SynapseX A..._2.ps1

windows10-2004-x64

1

SynapseX A...go.ps1

windows7-x64

1

SynapseX A...go.ps1

windows10-2004-x64

1

SynapseX A...eme.py

windows7-x64

3

SynapseX A...eme.py

windows10-2004-x64

3

SynapseX A...eme.py

windows7-x64

3

SynapseX A...eme.py

windows10-2004-x64

3

Analysis

  • max time kernel
    250s
  • max time network
    318s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 10:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SynapseX API cracked/requirements/themes/Dark/Dark/logo.ps1

  • Size

    735B

  • MD5

    ba7dbefd0d0846fa28aed5040528838e

  • SHA1

    bd95b8a53896cdd8d04a6624527d48c61c7741fa

  • SHA256

    0fc8d9a25db90804211dba29ed10e2da79db90ec5791d05f52563f1b0692175f

  • SHA512

    f36f5f165e9341881b60cab24bc864d046074465e81b88cf6f080f643210056950267adc0af46ca284f109d839a4a973c8f4125591890e035ae68fd0881649f2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe -ExecutionPolicy bypass -File "C:\Users\Admin\AppData\Local\Temp\SynapseX API cracked\requirements\themes\Dark\Dark\logo.ps1"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/280-4-0x000000001B240000-0x000000001B522000-memory.dmp

    Filesize

    2.9MB

    Download

  • memory/280-5-0x00000000025F0000-0x00000000025F8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/280-6-0x000007FEF5700000-0x000007FEF609D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/280-7-0x00000000024E0000-0x0000000002560000-memory.dmp

    Filesize

    512KB

    Download

  • memory/280-8-0x00000000024E0000-0x0000000002560000-memory.dmp

    Filesize

    512KB

    Download

  • memory/280-9-0x000007FEF5700000-0x000007FEF609D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/280-10-0x000007FEF5700000-0x000007FEF609D000-memory.dmp

    Filesize

    9.6MB

    Download