General
-
Target
http://www.mediafire.com/file/b59pp7fa1qldgqk/Synapse+Z.rar/file
-
Sample
240810-r6vpjayarb
Score
10/10
Malware Config
Extracted
Family
phemedrone
C2
https://api.telegram.org/bot7213845603:AAFFyxsyId9av6CCDVB1BCAM5hKLby41Dr8/sendDocument
Targets
-
-
Target
http://www.mediafire.com/file/b59pp7fa1qldgqk/Synapse+Z.rar/file
Score10/10-
Phemedrone
An information and wallet stealer written in C#.
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Executes dropped EXE
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-