Overview

overview

10

Static

static

10

Synapse X ...er.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Synapse X Launcher.exe

  • Size

    3.2MB

  • MD5

    3854a6572a9a5a25bccbd13664713915

  • SHA1

    b7c3ca681c1dcb328113c5966bbd96aed541ae64

  • SHA256

    6c4367e763852b7afe852905e9d7baba18ac33c1e4eaf8370350824fb3ffce86

  • SHA512

    80fb1425c57d7984da87349efdc0c4508296b58548e62ee4743215edd1058818154cb1207b95ec74299c7b61953f19f71c6ab0d325126efd21d8c5749ad69452

  • SSDEEP

    49152:pvblL26AaNeWgPhlmVqvMQ7XSKB/RJ6UbR3LoGdM+THHB72eh2NTgj:pvBL26AaNeWgPhlmVqkQ7XSKB/RJ6e

Score
10/10
windows updatequasar

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Windows Update

C2

espinyskibidi-29823.portmap.host:29823

Mutex

a94ba996-69af-4720-85e6-f4929c5eb0f8

Attributes
  • encryption_key

    6F721445F7E0B1CF58980D84A9D49F4458D4EFD9

  • install_name

    Update.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Windows Update Startup

  • subdirectory

    Windows Update

Signatures

  • Quasar family
    quasar
  • Quasar payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Synapse X Launcher.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections