Overview

overview

9

Static

static

7

net6.0-win...er.exe

windows11-21h2-x64

1

net6.0-win...er.exe

windows11-21h2-x64

6

net6.0-win...re.dll

windows11-21h2-x64

6

net6.0-win...ms.dll

windows11-21h2-x64

6

net6.0-win...pf.dll

windows11-21h2-x64

6

net6.0-win...on.dll

windows11-21h2-x64

1

net6.0-win...ol.dll

windows11-21h2-x64

1

net6.0-win...ol.dll

windows11-21h2-x64

1

net6.0-win...pi.dll

windows11-21h2-x64

9

net6.0-win...re.dll

windows11-21h2-x64

6

net6.0-win...pet.js

windows11-21h2-x64

6

Microsoft....re.dll

windows11-21h2-x64

1

adblock_snippet.js

windows11-21h2-x64

3

net6.0-win...rl.dll

windows11-21h2-x64

1

net6.0-win...sh.dll

windows11-21h2-x64

1

net6.0-win...b1.dll

windows11-21h2-x64

1

net6.0-win...td.dll

windows11-21h2-x64

1

net6.0-win...er.dll

windows11-21h2-x64

6

net6.0-win...er.dll

windows11-21h2-x64

6

net6.0-win...er.dll

windows11-21h2-x64

6

Analysis

  • max time kernel
    144s
  • max time network
    206s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    09/08/2024, 20:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    net6.0-windows/Synapse Launcher.exe

  • Size

    2.3MB

  • MD5

    f553d4c216830a6fa652526e17b472ad

  • SHA1

    37a34b396060da64ccb892b6efcc6d48ef4456cd

  • SHA256

    1527753d9fd361ff1950ea5208e7020615d6f3344fc0acf420f531c7900c50a5

  • SHA512

    a801fafd50c3f777d8e48278fbff094288c7e562c2c0bee66085e877b268c66665f2490a3f56d5f5773b075cce5fd9c7eb5be41fbbb83ec8f19155c2a5f3e7b4

  • SSDEEP

    6144:CFSLTbV9uGrD120B6N+p2frT/cYRC/fh8c2SMyUSwgGxCM5Uiwv7bk6pqXfks673:Cps6N+p2cYfcVF8CTtMG3sRpc/tyR

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\net6.0-windows\Synapse Launcher.exe
    "C:\Users\Admin\AppData\Local\Temp\net6.0-windows\Synapse Launcher.exe"
    1⤵
      PID:2188
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
      1⤵
        PID:3000
      • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
        "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
        1⤵
        • Modifies registry class
        • Suspicious use of SetWindowsHookEx
        PID:3472

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
        Filesize

        10KB

        MD5

        a7f391566ceb7d310b04c1376aa66a07

        SHA1

        eda88e9134d3de209152481c9e8aa02054d4c2eb

        SHA256

        8ecb81fa22792fa6bb09abc86b9b5afb50773e2c5537def45dd8ba297f6c714e

        SHA512

        163bad20eaa9108286367367e6a54a9ac612026954ee2466b8f88f732a992695fe160d3fb5f092976ef15c1c1b71400e577a9a4833dfa616d7c9ee6a8237033c

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
        Filesize

        10KB

        MD5

        7fc1af6f45e844eedd1a78d89ba2813d

        SHA1

        bdd93c47e99e7da95f5888d01cb85550f8fae9ab

        SHA256

        87577decf9290f786d76c3e9885e490106a7b00dd8a9b43471ff32f9eddd612e

        SHA512

        e79bc304620d23981c9bc03ada331755eaf74f356f32461bced715ef6e5c3ceab947a5a1dc51ef9061427b5c9132f58b1c14cce33960dd469c066ec4458abe86

        Download Submit