Overview
overview
Score 10/10
Static
static
Score 10/10
5874bb1804...ca.exe
windows7-x64
Score 7/10
5874bb1804...ca.exe
windows10-2004-x64
Score 7/10
$COMMONFIL...np.dll
windows7-x64
Score 3/10
$COMMONFIL...np.dll
windows10-2004-x64
Score 3/10
$COMMONFIL...ar.dll
windows7-x64
Score 1/10
$COMMONFIL...ar.dll
windows10-2004-x64
Score 3/10
$COMMONFIL...ve.dll
windows7-x64
Score 5/10
$COMMONFIL...ve.dll
windows10-2004-x64
Score 5/10
$COMMONFIL...le.dll
windows7-x64
Score 5/10
$COMMONFIL...le.dll
windows10-2004-x64
Score 5/10
$COMMONFIL...ls.dll
windows7-x64
Score 1/10
$COMMONFIL...ls.dll
windows10-2004-x64
Score 1/10
$COMMONFIL...OM.dll
windows7-x64
Score 3/10
$COMMONFIL...OM.dll
windows10-2004-x64
Score 3/10
$COMMONFIL...EN.dll
windows7-x64
Score 3/10
$COMMONFIL...EN.dll
windows10-2004-x64
Score 3/10
$COMMONFIL...oc.dll
windows7-x64
Score 1/10
$COMMONFIL...oc.dll
windows10-2004-x64
Score 3/10
$COMMONFIL...ir.dll
windows7-x64
Score 3/10
$COMMONFIL...ir.dll
windows10-2004-x64
Score 3/10
$COMMONFIL...pi.dll
windows7-x64
Score 1/10
$COMMONFIL...pi.dll
windows10-2004-x64
Score 1/10
$COMMONFIL...AL.dll
windows7-x64
Score 3/10
$COMMONFIL...AL.dll
windows10-2004-x64
Score 3/10
$COMMONFIL...OM.dll
windows7-x64
Score 3/10
$COMMONFIL...OM.dll
windows10-2004-x64
Score 3/10
$COMMONFIL...UL.dll
windows7-x64
Score 1/10
$COMMONFIL...UL.dll
windows10-2004-x64
Score 3/10
$COMMONFIL...CP.dll
windows7-x64
Score 3/10
$COMMONFIL...CP.dll
windows10-2004-x64
Score 3/10
$COMMONFIL...PF.dll
windows7-x64
Score 1/10
$COMMONFIL...PF.dll
windows10-2004-x64
Score 8/10
General
-
Target
5874bb1804c8f9d1f3225eebc849f8ca
-
Size
5.0MB
-
Sample
240113-kc4xsafadm
-
MD5
5874bb1804c8f9d1f3225eebc849f8ca
-
SHA1
5712ee89188a6a2d65890ee5534b773b135726b9
-
SHA256
e79c3dbd9b7db02103c4701f56ed7eb3cad228f266249c72d012509aaf06e5a3
-
SHA512
5765dea7169ca4d378a2814a3d97920ccd63518cb5e739a20fc186e1564d4f2facb30c06e67505844f04c1a0ef10b13be28266a6f24423fc0ba5dba9fa460685
-
SSDEEP
98304:QiSozLi7ouNoPOGeNp/AwtaoXhoMEnmnJSxvkYytkMvmZFZLcZyKHrh:QiSovigLeNp/A14hoMVM9cvmLmXLh
Behavioral task
behavioral1
Sample
5874bb1804c8f9d1f3225eebc849f8ca.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
5874bb1804c8f9d1f3225eebc849f8ca.exe
Resource
win10v2004-20231222-en
Behavioral task
behavioral3
Sample
$COMMONFILES/Synacast/SynaLive/FWUpnp.dll
Resource
win7-20231215-en
Behavioral task
behavioral4
Sample
$COMMONFILES/Synacast/SynaLive/FWUpnp.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral5
Sample
$COMMONFILES/Synacast/SynaLive/Har.dll
Resource
win7-20231215-en
Behavioral task
behavioral6
Sample
$COMMONFILES/Synacast/SynaLive/Har.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral7
Sample
$COMMONFILES/Synacast/SynaLive/Live.dll
Resource
win7-20231215-en
Behavioral task
behavioral8
Sample
$COMMONFILES/Synacast/SynaLive/Live.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral9
Sample
$COMMONFILES/Synacast/SynaLive/MngModule.dll
Resource
win7-20231129-en
Behavioral task
behavioral10
Sample
$COMMONFILES/Synacast/SynaLive/MngModule.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral11
Sample
$COMMONFILES/Synacast/SynaLive/NetTools.dll
Resource
win7-20231215-en
Behavioral task
behavioral12
Sample
$COMMONFILES/Synacast/SynaLive/NetTools.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral13
Sample
$COMMONFILES/Synacast/SynaLive/PP/1012/KOM.dll
Resource
win7-20231215-en
Behavioral task
behavioral14
Sample
$COMMONFILES/Synacast/SynaLive/PP/1012/KOM.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral15
Sample
$COMMONFILES/Synacast/SynaLive/PP/1012/TEN.dll
Resource
win7-20231215-en
Behavioral task
behavioral16
Sample
$COMMONFILES/Synacast/SynaLive/PP/1012/TEN.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral17
Sample
$COMMONFILES/Synacast/SynaLive/PP/1012/eroc.dll
Resource
win7-20231215-en
Behavioral task
behavioral18
Sample
$COMMONFILES/Synacast/SynaLive/PP/1012/eroc.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral19
Sample
$COMMONFILES/Synacast/SynaLive/PP/1012/mir.dll
Resource
win7-20231215-en
Behavioral task
behavioral20
Sample
$COMMONFILES/Synacast/SynaLive/PP/1012/mir.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral21
Sample
$COMMONFILES/Synacast/SynaLive/PP/1012/tpi.dll
Resource
win7-20231129-en
Behavioral task
behavioral22
Sample
$COMMONFILES/Synacast/SynaLive/PP/1012/tpi.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral23
Sample
$COMMONFILES/Synacast/SynaLive/PP/GAL.dll
Resource
win7-20231215-en
Behavioral task
behavioral24
Sample
$COMMONFILES/Synacast/SynaLive/PP/GAL.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral25
Sample
$COMMONFILES/Synacast/SynaLive/PP/KOM.dll
Resource
win7-20231215-en
Behavioral task
behavioral26
Sample
$COMMONFILES/Synacast/SynaLive/PP/KOM.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral27
Sample
$COMMONFILES/Synacast/SynaLive/PP/MUL.dll
Resource
win7-20231215-en
Behavioral task
behavioral28
Sample
$COMMONFILES/Synacast/SynaLive/PP/MUL.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral29
Sample
$COMMONFILES/Synacast/SynaLive/PP/PCP.dll
Resource
win7-20231215-en
Behavioral task
behavioral30
Sample
$COMMONFILES/Synacast/SynaLive/PP/PCP.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral31
Sample
$COMMONFILES/Synacast/SynaLive/PP/PPF.dll
Resource
win7-20231215-en
Behavioral task
behavioral32
Sample
$COMMONFILES/Synacast/SynaLive/PP/PPF.dll
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
5874bb1804c8f9d1f3225eebc849f8ca
-
Size
5.0MB
-
MD5
5874bb1804c8f9d1f3225eebc849f8ca
-
SHA1
5712ee89188a6a2d65890ee5534b773b135726b9
-
SHA256
e79c3dbd9b7db02103c4701f56ed7eb3cad228f266249c72d012509aaf06e5a3
-
SHA512
5765dea7169ca4d378a2814a3d97920ccd63518cb5e739a20fc186e1564d4f2facb30c06e67505844f04c1a0ef10b13be28266a6f24423fc0ba5dba9fa460685
-
SSDEEP
98304:QiSozLi7ouNoPOGeNp/AwtaoXhoMEnmnJSxvkYytkMvmZFZLcZyKHrh:QiSovigLeNp/A14hoMVM9cvmLmXLh
Score 7/10
Loads dropped DLL
-
-
-
Target
$COMMONFILES/Synacast/SynaLive/FWUpnp.dll
-
Size
64KB
-
MD5
f7f69e99c27658a94eb7b9b5a82c1899
-
SHA1
6632c428a843074b49a147df77b1ba5570d7b935
-
SHA256
999398a5998318e7e1ef52761f71aebd04f2ef727a4af5187aecfbfa23ffb8de
-
SHA512
443fb90ae725b1c20719453db8c03c723398d9242fc5b43617e79730e4db703a0b5004b0a12aae837402a32dcc13360bc603693c21594164fc84535c95b6b37e
-
SSDEEP
1536:xtAOOk9WTrUe+twT1C5hBUv4tQlHbRF2t7y9o9L:xKOOuW3cw85hBUjHbH2tBL
Score 3/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/Har.dll
-
Size
109KB
-
MD5
13da16948dbbf00dc090a05a49a0d4b0
-
SHA1
4a99cb48ca42e3cb2e9f17b90721f862a49f77c9
-
SHA256
5345553125238e89ea5cf43a82262fbdc45cbeaa04bd3da9fb10db6c52b96467
-
SHA512
0a5f4a2849f16cb6e062cf62daa8e6d8e31454041c05838bdd7cf41cce9193240faa4fef383308a568b20a02aab3ec5695113b5e84af7ab0d905e820852dda78
-
SSDEEP
3072:foQ6rxK1dj88Ez1p1WdRmwGN9aZfooEI4L:foQ6K/jW/AmwG6NoJ
Score 3/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/Live.dll
-
Size
133KB
-
MD5
9ec48447183aa4d02c0bfbebbef346dd
-
SHA1
5f44520d7753b36363e07c94df8a51ef99b1757d
-
SHA256
1cffce9568a3c7e9a451df3e6c3f24ba0d32e028c994c473be8a34f194e5db1f
-
SHA512
df9242480e98f77d83c31761dfb7e604963b4ef7443a937254886bd5e7e8b1ce9a437505a67692e46ad7ea30c07ffc720536bc37a5497210173fa98d9793266f
-
SSDEEP
3072:+DmhB/xH/f2muydfvaqOlAQ6NRl/PUUEzemCoI:+4TH/bSq9BUXyj
Score 5/10
Drops file in System32 directory
-
-
-
Target
$COMMONFILES/Synacast/SynaLive/MngModule.dll
-
Size
69KB
-
MD5
ccc19d44cdbe684169c565cff72cb491
-
SHA1
67c18bb2b03862375d4f78ee58d352c112204287
-
SHA256
2f4525d6aa37ee36c19ec66d0cea91d42d79f51b5f05b54af47d40ec12545aae
-
SHA512
fe540ea904c1181cadb8e08286f19a92ca3557043a59113870beb4defe7d409a1afa6a30d6fb718bc7f8541b5d4cf915a0ff037657c649556d0bafbfe0e2c273
-
SSDEEP
1536:Tkxj38sgTwksQ/FJpqIO4TA1S1K0dFuidXZiJoKikH:+38jwksK5qP1S1K0dFuWXZtM
Score 5/10
Drops file in System32 directory
-
-
-
Target
$COMMONFILES/Synacast/SynaLive/NetTools.dll
-
Size
297KB
-
MD5
116dfe706c3fe1cf8e8f7aace37e92a3
-
SHA1
74a0d51e52b962d8395adc23812375bd4d2dcf1d
-
SHA256
5fea8ac3330964f71f4232ca2e3273377fc56d91f0eba9b9cae321131e129a4a
-
SHA512
8556e5b12ae60f5747b99f340de7e906a687ce94c61b64ef37c6c995bdbfcff7a87fe242195abdc661008a2a0c2a459c1721e3dde0b5dc93bd0a1e4e802e314f
-
SSDEEP
6144:58hb6KvuYFRrEHdbVwv7zvUbjwdrBntjoYmLdsbVwuUJRhx:5eWKHuq7zv8UdrBnWZx
Score 1/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/PP/1012/KOM.dll
-
Size
205KB
-
MD5
efa9f88c418d04463881e5e787769f71
-
SHA1
a267b3e6a67b37cc52d9b9448ea4dddd28747b5c
-
SHA256
3e507b1a79d3c32f32b82f5d574ac631b517581570ff80a8975a0be6b1458b0b
-
SHA512
5651a6ae995e3aa6f44784aa6b8ee023e7772ce31c3fb9af7efe80d1dc77a37c57f4fd10026c76d03fdb7eb324a07d24de46a6b6ebbb926d431aec82396b462b
-
SSDEEP
3072:OcBs8O8utIukTT+Y8aZLiqEKwr3Di07CEmq0it4Et11r:Ock8utKTL8awnDP1r
Score 3/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/PP/1012/TEN.dll
-
Size
525KB
-
MD5
affbe57aa9bed7034cb997977627cda2
-
SHA1
4466f63531ec040c6b95e4659c8b7987ccd49026
-
SHA256
f0a1df76cc19da95207750a4786f56e59f21c112b5c524b812bee21c88e30b27
-
SHA512
9b8576b60b172176f11f60fc83d4e3ea4115a0a37f136cfd65219538522a73ec1337a0ad034dd45d9ba287d3532a6ca5234b61c4d9ba2120356e2192ee58b3aa
-
SSDEEP
12288:wfGNZ+jZRnhbpSZajjy70A60re9tatW2xT2o+DO:wfGNZ+jLnhbp9a70AzT2o+i
Score 3/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/PP/1012/eroc.dll
-
Size
221KB
-
MD5
47976002446635d3d68d2fc49fd5dc20
-
SHA1
e5832d4d4423b328a498e230b10131ab7a68f054
-
SHA256
96fe06993bf482aa2d86351e95c330b8e70f30960c8e5ba86774726a7759410b
-
SHA512
c14e6f28768232507f7850139451cdcf0ecb033099b16549335a61d7dfe725fa77b82e7be33824b0862ce4e3ca028007cb2fd963f65a526647408122e028359c
-
SSDEEP
3072:cOU517ygevan9TuIwINKWcXFz1SXyl5yZHLiJnfeyQG02NNyJTtd6EUdpe:EneC9fcXFBSgyZUfeY0KNW66
Score 3/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/PP/1012/mir.dll
-
Size
565KB
-
MD5
b2dfa86bc0ba950d5281015ffe43cf69
-
SHA1
a0cf6287c3e8d4f3cb3c3b7865055aa141076547
-
SHA256
02effb4c6ca174b7b13b784f7b8adbe7a9e16ad7dab2bf0f892c67156e05b00b
-
SHA512
b73dc11d44cb07019aa4fc599d779cb4bde2a9edd1ec598f2366a87117e37f47f56558c68b8e270af9dda69b498956b27390e19228badcc5975be81b866c4241
-
SSDEEP
12288:E6X32odMXAhEsselpz1SnOCC46IvTBu2OB7I0Jpm0zhK1k8cF+K/eo7yi/VKRfvC:psC4rOB7I0Jpm0zhK1k8cF+K/eo7yi/5
Score 3/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/PP/1012/tpi.dll
-
Size
885KB
-
MD5
5e158d7278bc7b0cba2376317cb2fbec
-
SHA1
eead8a15ddbeaaed662dd4d62f6746b143fd9828
-
SHA256
d690f9f5da11cbbd981eecb2e95d6e6c23054b4300f92d5ef7da854aa0b768b6
-
SHA512
6d410e0aa600ece05025704610c6596fa9a7c86bc3e165d19f9107927a3209b8266865272e9ba48affe3f7adef0ce2ae3ce8e683cab5638adc25e7775b7ac021
-
SSDEEP
12288:JSUJV+dsIQUp2hiTTAct6cu6OruCPeRWcYPN2euhYqNga:JSUT+uIQUpSA8w6cuLruPRo2e8v
Score 1/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/PP/GAL.dll
-
Size
93KB
-
MD5
6cd9ecf9f7a901a39017067a2b2b804a
-
SHA1
ce3297d05620ff3b7b5c8fd7af0c0bee6cf9f5dc
-
SHA256
a1d6892da2396261242eeaa1a0405a417d924a8ad9b49b4771da00e8747c326e
-
SHA512
c831e84bc691848167cd853590b6e72eea091644e97b81637305b890d8de0b13507dd8b68ecbcf370a54b3037614649b19bd2f4052754fd912b16b1dbb9ee721
-
SSDEEP
1536:sBEN0JSGfD/GUTrG91mkLKGJp6+o7+lvlCCdCdae:gbEaZAd07+lvlCu6
Score 3/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/PP/KOM.dll
-
Size
201KB
-
MD5
c613d0bb57209a65f7b955f8718bf7b4
-
SHA1
1f39afbd5ae1ecf667069dd15d6ae14091e7ac86
-
SHA256
d3fe126429f508cbe51a572fc70cfcb7d8609e3b3c9297c649b672c6f6c159f5
-
SHA512
e28e8b239debe756a0851c570626812af5aaeeacae2cd8b3e54a3334b33683167cf378ebccc5c810c1c1fa4f6def3936c7b99ff21de3cd860a9d5b0aa8ca1e3f
-
SSDEEP
1536:B7E6nfKKVKr+Huv+6LJuQUwWFExz3jCmKLB0gxK8lDjK/1NhnFvrICtmVMTAMHgS:p/v/HuWoJro3YBFlLio7PVio24ZptHp
Score 3/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/PP/MUL.DLL
-
Size
57KB
-
MD5
4400a8f3add3c7b6b9f106717798c19d
-
SHA1
5996b325735d49935d6cc5cb391c404caef307a3
-
SHA256
835796a28589b5d9ff08694b6ca6553e368031c7016e4ae8af067cdb8d99b5f3
-
SHA512
ecc06def4a80c05045270a5dbdf22f97d13176cfcb5211eb5d8a248f8a35336b963be04c0955d51c7e2340c5591adeb2c1fdfb28aa98d796cf31794dfe6f1b2f
-
SSDEEP
768:+0FhwtVyFOD+GrJnoyGNTB6GuqTyhOfL02DJiIDAU0vq4dlpCe3sdL32qbX:HFhMyFjG+NTBpyhOD021jERlpCe32dX
Score 3/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/PP/PCP.dll
-
Size
85KB
-
MD5
d89deb0e4892580dadf3a3ead65a40a6
-
SHA1
1aa903e561c61bbbe335eab77b9f7bee0f1ba2e5
-
SHA256
c7c3881f88a3247f6f1aee836faa2a600d31d75080d940a7447f2e63169dcb1f
-
SHA512
1618aa9c4c94ac5c70044e9bab093d7d5a7989f6abc532945c281ec0909826326ade5095c85ee2f656e8328fe81b8fba86ea4e9df02b9aafb262e23708f3d270
-
SSDEEP
1536:vR2nUePLlQ94uqci1lQ8qITHUHNIlWTzQgBGNSg/jwa0KwvCJEYNTgbe9:MfxQ9ni1lQ8qITHUHN+y1MvjLuCJEYB9
Score 3/10
-
-
Target
$COMMONFILES/Synacast/SynaLive/PP/PPF.dll
-
Size
181KB
-
MD5
6dba8b8f197ecf2f48ed54ca5c67478a
-
SHA1
00e7ce777a3e7c42795ce097762c09be8246aabc
-
SHA256
961484a74d95ce41063efe5ddf0f0def95ee495aefc42cbe0911afa7c28f198d
-
SHA512
fd878fc624ed1a43deba285160ad595efde334805edee51c13764c5eab65ecb404c38c2b19bba4dcf15ecf49edc015b4b4b141b47f3b610f5b32e58b37bb41c8
-
SSDEEP
3072:spRMf4CvNptUwojzjpnC36Vp3zdoF7w+WxsAvD84TcWNk8rPYWKtal:spYNDU5nCqVt+WxrNk8rgTsl
Score 8/10
Blocklisted process makes network request
-