7ee44f34f1f8dd6c01867900d014537c29c5132d4d0ca18ece9e36bad3fb593b | Triage

Sharing

General

Target

Synapse Z.exe
Size

12.3MB
Sample

240810-z9mgbsshph
MD5

8627ed2397b480b41c938271339025a8
SHA1

94c2b945f69e51635d9fcb6113d637c890eb3882
SHA256

7ee44f34f1f8dd6c01867900d014537c29c5132d4d0ca18ece9e36bad3fb593b
SHA512

cb6a33161072b2a745a553a04e2e5f9f050fd42f7974da767985096218ae33235a068584e3209f2a585b020f15808bf40de9df38639c35d511d015d440f4938f
SSDEEP

393216:jN8oL01+l+uq+Vvq1+TtIiLavB5IjWqflzK:ji801+l+uqgvq1QtIh3ILfY

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  Synapse Z.exe
- Size
  
  12.3MB
- MD5
  
  8627ed2397b480b41c938271339025a8
- SHA1
  
  94c2b945f69e51635d9fcb6113d637c890eb3882
- SHA256
  
  7ee44f34f1f8dd6c01867900d014537c29c5132d4d0ca18ece9e36bad3fb593b
- SHA512
  
  cb6a33161072b2a745a553a04e2e5f9f050fd42f7974da767985096218ae33235a068584e3209f2a585b020f15808bf40de9df38639c35d511d015d440f4938f
- SSDEEP
  
  393216:jN8oL01+l+uq+Vvq1+TtIiLavB5IjWqflzK:ji801+l+uqgvq1QtIh3ILfY
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2