Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Synthesia.exe

windows7-x64

7

Synthesia.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...al.ini

windows7-x64

1

$PLUGINSDI...al.ini

windows10-2004-x64

1

$PLUGINSDI...rd.bmp

windows7-x64

3

$PLUGINSDI...rd.bmp

windows10-2004-x64

7

Synthesia.exe

windows7-x64

3

Synthesia.exe

windows10-2004-x64

3

bass.dll

windows7-x64

1

bass.dll

windows10-2004-x64

1

bassmidi.dll

windows7-x64

1

bassmidi.dll

windows10-2004-x64

1

msvcp140.dll

windows7-x64

1

msvcp140.dll

windows10-2004-x64

1

readme.html

windows7-x64

1

readme.html

windows10-2004-x64

1

vccorlib140.dll

windows7-x64

1

vccorlib140.dll

windows10-2004-x64

1

vcruntime140.dll

windows7-x64

1

vcruntime140.dll

windows10-2004-x64

1

vcruntime140_1.dll

windows7-x64

1

vcruntime140_1.dll

windows10-2004-x64

1

win10-midi.dll

windows7-x64

1

win10-midi.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/06/2024, 14:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Synthesia.exe

  • Size

    12.6MB

  • MD5

    a367aa2fbce65bd03509076fa4656dd4

  • SHA1

    db07c17b5736472d2061096cefda9a86c0e6c1b6

  • SHA256

    9b9016b5402fd2bba74ca80fbd4c1fd33424276a5d909bfd6d3e88246276bc9f

  • SHA512

    2d60368ec1452eb74f35d4167b21bc2ae4cd230a86a3bf7f62ca0b57ab8fb8b78a5b6dacc6d90deee2f65184aa4c83cdbd60dbd19fdb0ad5f12ec4ae3cc49500

  • SSDEEP

    393216:jQDiKZYqASUg/nHArZfCWbUFuF9NB7I3M07FRQ:jgiKZDX/grZfCWzF9vIcE7

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\Synthesia.exe
    "C:\Users\Admin\AppData\Local\Temp\Synthesia.exe"
    1⤵
    • Loads dropped DLL
    PID:2628

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsy36F0.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    09d8971beefefffd710030dd167a99e0

    SHA1

    a0117786ad77213f3eb48cfdc3819786cb796b7d

    SHA256

    caf64a4e9449220ba618a9aa2ae4ed3774c5d0f193bda44be22676c27ae0ec95

    SHA512

    3956f0c6bcdf033e4a10ab33872a66e0668da28ec31cb7a2c67ef7266d7c0845998a2a85a6cc25aba1df73909df8104119cf5f1f86c1e91f8fd201765aea49f0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsy36F0.tmp\ioSpecial.ini
    Filesize

    890B

    MD5

    74a2b056a099ede8297a6e258dd2da1e

    SHA1

    f770813b3dda5295947ab9c9c4247034677ced47

    SHA256

    7f0b07a5f55fbeae28da2fd04898e8c1947f73678bf1b38a91e169767b753190

    SHA512

    d0a4d78520edb560e74d957312a6514142973609e1fb52a66be7438031e515033318a598528bf100d8ebb1ea3616925cfc40a4c515e259f34596c7117c009957

    Download Submit