ef10f89e2974c76e5c9da05957ca8787df4b04ce3fe02199d817cd37aae98754 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SynapseX.zip
Size

31.8MB
Sample

240808-mxybvawekb
MD5

fe9bb9ead270c6d9ede08672bcafebf2
SHA1

fc96ce526f7cb9abdc432e5766276cbafd3bb52a
SHA256

ef10f89e2974c76e5c9da05957ca8787df4b04ce3fe02199d817cd37aae98754
SHA512

b05d6a61c81e8381af847a9cc343972d14cecf828e581064d13d83784830a07599b266c3c812956ea3a1f706888de2287d5e7f5104cc383785c31f77151e7b55
SSDEEP

786432:lK410Y39jI9hMuRWXWKdIAoksUNhm7544L:13JIo4IdIGo4G

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  FastColoredTextBox.dll
- Size
  
  323KB
- MD5
  
  8610f4d3cdc6cc50022feddced9fdaeb
- SHA1
  
  4b60b87fd696b02d7fce38325c7adfc9e806f650
- SHA256
  
  ac926c92ccfc3789a5ae571cc4415eb1897d500a79604d8495241c19acdf01b9
- SHA512
  
  693d1af1f89470eab659b4747fe344836affa0af8485b0c0635e2519815e5a498f4618ea08db9dcf421aac1069a04616046207ee05b9ed66c0a1c4a8f0bddd09
- SSDEEP
  
  6144:0R0J4lx4/7BA4xvNdcwCOg04j0y5mwZkdmsqmLDi5eNH+Dl1SIP0:0R0J48lAovNd7CO34D4b4eNO
Score

1^/10
behavioral1 behavioral2
- Target
  
  Synapse X.exe
- Size
  
  638KB
- MD5
  
  2e620ee17a3eff8d2762e17303a708a8
- SHA1
  
  4bb549d5be0ee45a4302ef6abe82d4774231ed79
- SHA256
  
  cabfd35270bff1aa725ff1f06aa941a487f9cc9047db2f99b68459d8a9bd8668
- SHA512
  
  417fac9d238baee19b69ff16fb44e6b3edf6901198175c4bd4b95200db7b0c27af0107ae027a16cc7f6bac2baf56dace55ba9c0952553e41096372339a345850
- SSDEEP
  
  6144:gD9rCdBnt1ZZPbhWeXfk9CBnt1ZZPbhWeXf6eB25ZntS:gBrC3nt1ZZPbhWok4nt1ZZPbhWovc
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  bin/API.dll
- Size
  
  1.3MB
- MD5
  
  157fd035b2a344a94166d7db3756df0e
- SHA1
  
  f221d28c1deb80b4e8d9201226435aefce6b0f75
- SHA256
  
  8716c75aff75941711aff8770836f47eb9a254416089ef3571c6fc9a338b3009
- SHA512
  
  fad0174fbd22f58dd4fcdaad8378c214270b4faeaca64d9cb306f50e9316072a4c417c5723c4123b8bf94a3dba6ef4e3303ec60f4a2cf0c3a54d8ab375ea717d
- SSDEEP
  
  24576:ZqBSLRktEBl6blwTUMD4zB1VU2bFjYWR0pMQUAqLRAovh4bSAXVVRNRfMXZO:ZqBSLRkt8l6blSU//+2bFfvA1SQVVRNk
Score

1^/10
behavioral5 behavioral6
- Target
  
  main.exe
- Size
  
  30.7MB
- MD5
  
  be71d00e9d0f2902f25cb2fa94c3917a
- SHA1
  
  b9338661dfa05312e5329479f8e1a9b5c0e942f3
- SHA256
  
  d77ad43b474dd776144744546d3f85882b39794e7834448657b3de2a0957eb50
- SHA512
  
  2f484090f29435d7a4c30863d2ee578b42040b348f97189c2af128e675843dc4803b9c955f1ca140e69b55477756da1f4142bb78f7bc7902d2d5d6f16ff46ad0
- SSDEEP
  
  786432:8sHi2fmtUFJWs97HWE5dvQN/xNObO+CEA0:1fIUW0D52SyzEA
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  scripts/UNCCheck.lua
- Size
  
  28KB
- MD5
  
  b76726d10354343d9af5c268e40b47c4
- SHA1
  
  7103c78071be0c65c8b3a217168cf7909aef748e
- SHA256
  
  e8d53406c916b8e827c65c8f00d8a18b1379e693fd0379e8116e749bdf860cf5
- SHA512
  
  5caffd8a06058e890fe4ae35430539281cf53fa791221189f0f6660778a83fa42cc3e5374ce06ff325420d92006c2bfe1003f1486714e889964075da66b046eb
- SSDEEP
  
  768:JopEYRzOKMrGrE7BWf9r+T+f9TkIuP4hUUsbU8FqQFBF5UXzRFEe3cSG5Sg/i5rx:JEKcZuy9p
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  scripts/infiniteyield.lua
- Size
  
  465KB
- MD5
  
  0679a213fd446d4be5272669addc9628
- SHA1
  
  1637b85670f92495a4fd5ed4b13cb8e5f0d4f9be
- SHA256
  
  c9cfcc8bc3cff77b537aca6da8141abdac637b11b1c3b9dfac9cce98287e7350
- SHA512
  
  de1cbcb00931c144413bb6b6d613d5057ddc887bdaccd0e4924b40817f17da996a52cc8a93f4c79fc6229c3bd9849ee580c06459dfc7ea395f324f8188a91f22
- SSDEEP
  
  6144:OkrLwE7/sSTtDK/2RhzWtRNY9gIBuQulO7oFo5n4Xd9wDhoQhGZtUi8/1j304U4n:OkrLwEPK/2r6NYQFOn4Xyipo
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  websocket-sharp.dll
- Size
  
  244KB
- MD5
  
  7379936cac71973885587a3bc6fbb70b
- SHA1
  
  e72fec39314d7eb75f13c1ff0459515d95dd910c
- SHA256
  
  fb06ffceb4f8789c893d2f292e5810927dd7266d3bad68df2cedb8775500e8be
- SHA512
  
  d9da358bcc134232f6418d49fe98c427ad49fe8a212a2f166fcbf1718d0a8f8b0fa055caec30b267c6e4b1b4d687f08394830e3fadbae812c4b255abdf8c7b7a
- SSDEEP
  
  3072:ZLixO6zz8t4OXDegbQy058MP2pZrCmrrDse0ecdfF7b2gqEiyDvSmqtNlVusC519:Sn8nDenoRXoJF3bqEiyzZ5m1FsgU
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14