ef10f89e2974c76e5c9da05957ca8787df4b04ce3fe02199d817cd37aae98754 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SynapseX.zip
Size

31.8MB
Sample

240806-vhevysvaqn
MD5

fe9bb9ead270c6d9ede08672bcafebf2
SHA1

fc96ce526f7cb9abdc432e5766276cbafd3bb52a
SHA256

ef10f89e2974c76e5c9da05957ca8787df4b04ce3fe02199d817cd37aae98754
SHA512

b05d6a61c81e8381af847a9cc343972d14cecf828e581064d13d83784830a07599b266c3c812956ea3a1f706888de2287d5e7f5104cc383785c31f77151e7b55
SSDEEP

786432:lK410Y39jI9hMuRWXWKdIAoksUNhm7544L:13JIo4IdIGo4G

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  SynapseX.zip
- Size
  
  31.8MB
- MD5
  
  fe9bb9ead270c6d9ede08672bcafebf2
- SHA1
  
  fc96ce526f7cb9abdc432e5766276cbafd3bb52a
- SHA256
  
  ef10f89e2974c76e5c9da05957ca8787df4b04ce3fe02199d817cd37aae98754
- SHA512
  
  b05d6a61c81e8381af847a9cc343972d14cecf828e581064d13d83784830a07599b266c3c812956ea3a1f706888de2287d5e7f5104cc383785c31f77151e7b55
- SSDEEP
  
  786432:lK410Y39jI9hMuRWXWKdIAoksUNhm7544L:13JIo4IdIGo4G
Score

1^/10
behavioral1 behavioral2
- Target
  
  FastColoredTextBox.dll
- Size
  
  323KB
- MD5
  
  8610f4d3cdc6cc50022feddced9fdaeb
- SHA1
  
  4b60b87fd696b02d7fce38325c7adfc9e806f650
- SHA256
  
  ac926c92ccfc3789a5ae571cc4415eb1897d500a79604d8495241c19acdf01b9
- SHA512
  
  693d1af1f89470eab659b4747fe344836affa0af8485b0c0635e2519815e5a498f4618ea08db9dcf421aac1069a04616046207ee05b9ed66c0a1c4a8f0bddd09
- SSDEEP
  
  6144:0R0J4lx4/7BA4xvNdcwCOg04j0y5mwZkdmsqmLDi5eNH+Dl1SIP0:0R0J48lAovNd7CO34D4b4eNO
Score

1^/10
behavioral3 behavioral4
- Target
  
  FastColoredTextBox.xml
- Size
  
  132KB
- MD5
  
  70d49dec6a333f1d94fb1e77c663525c
- SHA1
  
  184b544e672f4c4cb9ed9cf010da568eed16623d
- SHA256
  
  f3f2e537065317b6ce66dac64042e925bbcea65f00561f9860b7172c9ca07027
- SHA512
  
  b78a3c4418a7c5014eb16e72f2113f00353e9e566942f7160067c826c47f1ec2752ae7ede796fc159fb9bae499d347f822401fbc4446e2556cbd680cd595c2e2
- SSDEEP
  
  1536:45SVw7sekyF7o//t3zEzacGE5xa5lIV1/P5:45Sm7sekyxo//xzEz3GlM
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Synapse X.exe
- Size
  
  638KB
- MD5
  
  2e620ee17a3eff8d2762e17303a708a8
- SHA1
  
  4bb549d5be0ee45a4302ef6abe82d4774231ed79
- SHA256
  
  cabfd35270bff1aa725ff1f06aa941a487f9cc9047db2f99b68459d8a9bd8668
- SHA512
  
  417fac9d238baee19b69ff16fb44e6b3edf6901198175c4bd4b95200db7b0c27af0107ae027a16cc7f6bac2baf56dace55ba9c0952553e41096372339a345850
- SSDEEP
  
  6144:gD9rCdBnt1ZZPbhWeXfk9CBnt1ZZPbhWeXf6eB25ZntS:gBrC3nt1ZZPbhWok4nt1ZZPbhWovc
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Synapse X.exe.config
- Size
  
  186B
- MD5
  
  b51c130a957051ba9fb2245bf76fb6f6
- SHA1
  
  42181e5745daab2a0e8cf87693142828306f9bda
- SHA256
  
  7921098e47e894412fdfd0cafe0f88cc68497740998eac17c68c00129069d803
- SHA512
  
  fa2ac3eff5d51aea7acc9cf6aa018a77fae295d55c5bf808c9d7048c801baf4626568f00fb001a9f2780c46dce294482cfeb3045aabe139ddc557c0d3bc11640
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Synapse X.pdb
- Size
  
  71KB
- MD5
  
  9bc5197c10f0affe80cb48b1d450bbf6
- SHA1
  
  115428da8028e0e863957b9b2ff0d317bdbaa289
- SHA256
  
  a6b9c6b183d48b19e9bda8720431c168fb7be2ca869f3ad403c050f485494485
- SHA512
  
  78edab650e87c0b19839f9a6cf6a2a13bb68ad7a28a1810a95f4821c7f3b3fc5d4951fe9e0ca11f57dacdfe96b64fbc8b1749084cefc7290ab33845265a8c40a
- SSDEEP
  
  768:w+s++Fs+8+fhHC2wrl9hNSqCGoF9CqtcOI+fhHC28rKq7O:W8rljNHCnMKcOYrKgO
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  bin/API.dll
- Size
  
  1.3MB
- MD5
  
  157fd035b2a344a94166d7db3756df0e
- SHA1
  
  f221d28c1deb80b4e8d9201226435aefce6b0f75
- SHA256
  
  8716c75aff75941711aff8770836f47eb9a254416089ef3571c6fc9a338b3009
- SHA512
  
  fad0174fbd22f58dd4fcdaad8378c214270b4faeaca64d9cb306f50e9316072a4c417c5723c4123b8bf94a3dba6ef4e3303ec60f4a2cf0c3a54d8ab375ea717d
- SSDEEP
  
  24576:ZqBSLRktEBl6blwTUMD4zB1VU2bFjYWR0pMQUAqLRAovh4bSAXVVRNRfMXZO:ZqBSLRkt8l6blSU//+2bFfvA1SQVVRNk
Score

1^/10
behavioral13 behavioral14
- Target
  
  main.exe
- Size
  
  30.7MB
- MD5
  
  be71d00e9d0f2902f25cb2fa94c3917a
- SHA1
  
  b9338661dfa05312e5329479f8e1a9b5c0e942f3
- SHA256
  
  d77ad43b474dd776144744546d3f85882b39794e7834448657b3de2a0957eb50
- SHA512
  
  2f484090f29435d7a4c30863d2ee578b42040b348f97189c2af128e675843dc4803b9c955f1ca140e69b55477756da1f4142bb78f7bc7902d2d5d6f16ff46ad0
- SSDEEP
  
  786432:8sHi2fmtUFJWs97HWE5dvQN/xNObO+CEA0:1fIUW0D52SyzEA
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  scripts/UNCCheck.lua
- Size
  
  28KB
- MD5
  
  b76726d10354343d9af5c268e40b47c4
- SHA1
  
  7103c78071be0c65c8b3a217168cf7909aef748e
- SHA256
  
  e8d53406c916b8e827c65c8f00d8a18b1379e693fd0379e8116e749bdf860cf5
- SHA512
  
  5caffd8a06058e890fe4ae35430539281cf53fa791221189f0f6660778a83fa42cc3e5374ce06ff325420d92006c2bfe1003f1486714e889964075da66b046eb
- SSDEEP
  
  768:JopEYRzOKMrGrE7BWf9r+T+f9TkIuP4hUUsbU8FqQFBF5UXzRFEe3cSG5Sg/i5rx:JEKcZuy9p
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  scripts/infiniteyield.lua
- Size
  
  465KB
- MD5
  
  0679a213fd446d4be5272669addc9628
- SHA1
  
  1637b85670f92495a4fd5ed4b13cb8e5f0d4f9be
- SHA256
  
  c9cfcc8bc3cff77b537aca6da8141abdac637b11b1c3b9dfac9cce98287e7350
- SHA512
  
  de1cbcb00931c144413bb6b6d613d5057ddc887bdaccd0e4924b40817f17da996a52cc8a93f4c79fc6229c3bd9849ee580c06459dfc7ea395f324f8188a91f22
- SSDEEP
  
  6144:OkrLwE7/sSTtDK/2RhzWtRNY9gIBuQulO7oFo5n4Xd9wDhoQhGZtUi8/1j304U4n:OkrLwEPK/2r6NYQFOn4Xyipo
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  websocket-sharp.dll
- Size
  
  244KB
- MD5
  
  7379936cac71973885587a3bc6fbb70b
- SHA1
  
  e72fec39314d7eb75f13c1ff0459515d95dd910c
- SHA256
  
  fb06ffceb4f8789c893d2f292e5810927dd7266d3bad68df2cedb8775500e8be
- SHA512
  
  d9da358bcc134232f6418d49fe98c427ad49fe8a212a2f166fcbf1718d0a8f8b0fa055caec30b267c6e4b1b4d687f08394830e3fadbae812c4b255abdf8c7b7a
- SSDEEP
  
  3072:ZLixO6zz8t4OXDegbQy058MP2pZrCmrrDse0ecdfF7b2gqEiyDvSmqtNlVusC519:Sn8nDenoRXoJF3bqEiyzZ5m1FsgU
Score

1^/10
behavioral21 behavioral22
- Target
  
  websocket-sharp.xml
- Size
  
  366KB
- MD5
  
  6d20f1d8decdfc1a42e9b690e3577cb9
- SHA1
  
  7ada7c0a8b780e2c998326ffe62e0929f289374b
- SHA256
  
  283cb58b2aa9fde0c804b1b449a5938e07ed1badfe8b29852e2e8e5eaa21c075
- SHA512
  
  19825718f045b650697ef4676d03a260242dbe67027cf46105fe6c7d10063c5724144fc9cf2d26462b94a5a27b90c862b2d2c47112856d6bc2d71b575bae0bb5
- SSDEEP
  
  6144:SBwTFCDWI8tQbzHT1kx3cLBuMtLFdmt5TpnkYDiUwWvFtiLiYn6TRLNb/UqyyqeK:SBwTFCHbzHT1kx3cLBuMtLFdmt5TpnkB
Score

3^/10

discovery
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24