Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

SynapseX r...er.exe

windows7-x64

10

SynapseX r...er.exe

windows10-2004-x64

10

SynapseX r...tt.exe

windows7-x64

1

SynapseX r...tt.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SynapseX.revamaped.V1.3.rar

  • Size

    659KB

  • Sample

    240704-vze72ssdjf

  • MD5

    25e767f22f576a1187ca297428a909b3

  • SHA1

    a6ad4d278d09e0ecab07d095e996c91e9afb3b18

  • SHA256

    13f63c65ac270ce6d8f462791b1bb0ca64b8f7000f230b1c2ade64db617c5eac

  • SHA512

    37e4e4dd2d0c03d00f7afb024406f7445142b82f24648da287ef9008805af6b083223e9d0a34fa343bf5dc0300c701f71151eebe9be459157daf10d0d5275689

  • SSDEEP

    12288:aPSH3BnY7Y78MKc1yLt6OX2CqsfcTJalg7BBU0g+6qBeS02xdJXWhd3cEx5sCB94:ASH3qcqc1yRxtqW4alg7vgpj2zJmhdMx

Score
10/10
xenoratrattrojan

Malware Config

Extracted

Family

xenorat

C2

192.168.1.219

Mutex

131313131323

Attributes
  • delay

    1000

  • install_path

    temp

  • port

    1234

  • startup_name

    Windows Client

Targets

    • Target

      SynapseX revamaped V1.3/Synapse X Installer.exe

    • Size

      43KB

    • MD5

      769aad21a347b7576895910e55970390

    • SHA1

      36831993993050af72ea201cfa6ebc4726860e56

    • SHA256

      72e0f8bf690b647ae965d9a99f89c4f04c3b9500aac53f2a3fd376a2546b287a

    • SHA512

      9bb36a376f0b3e8a26a813f1054bf92a9ca737bd9eb96403d28b4edb81c361408a058e5ccefda3e44bbf4943d9799203665161b02394d35a05faa20851f670a5

    • SSDEEP

      768:d/jqPyqisr4dGirXAHg5rbWDdJwtZ69e7Sd/bDXNJb7bTDa/o1IV27C1:tNqwohJKZ69eKjBJb7bT2o1IgC1

    Score
    10/10
    xenoratrattrojan

    • XenorRat

      XenorRat is a remote access trojan written in C#.

      trojanratxenorat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      SynapseX revamaped V1.3/bin/OoxIi8qtt.exe

    • Size

      1.1MB

    • MD5

      a48d6b525da2501d8ec661f2f2f1b0e8

    • SHA1

      5737e465e5ffbed6b51e6775b5e05b5769f89e6b

    • SHA256

      a6e52cc20913ae168b7dcbb923ea8cd7bdda93e43399ec22a85dabfab14ddf3a

    • SHA512

      3cf1d6acbf1a3c3e99739af505b57aef7e8db5a2a84db2310c1d6490a097e11065510d2aaaac6ea71fd226b421d87be216993528e245e0bdee9b6000e68e32ab

    • SSDEEP

      24576:5EvX2R7XLISXF8ElQlt8K9MlOZNsST2R7:qvX2VLIS2Jt89LST2

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks