feb72f9e5820e1f19d397363aa99517c8cb386a3686130392613cf24ce1da53f | Triage

Sharing

General

Target

SynaspeFake.zip
Size

771KB
Sample

240814-fwqr2ssbkl
MD5

fd9b7b8de69ea43be38581f48fb895bd
SHA1

8928cd3d6c155a6c27baf3814e0ed1fcc891c604
SHA256

feb72f9e5820e1f19d397363aa99517c8cb386a3686130392613cf24ce1da53f
SHA512

2f11b22b491298f0a150fce5a27c78d081c71aa6cb6948f028f8b8341fd498884cfab04228013d7f54e19b5ca0b81c9c9866679e450d6c88a9a22a685c954b78
SSDEEP

24576:Tbdw1mYCTW+BSpmUfAepF3DxQ8I/iZzSQN:TTTW+UppA4F3DxZjSY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  SynaspeFake.zip
- Size
  
  771KB
- MD5
  
  fd9b7b8de69ea43be38581f48fb895bd
- SHA1
  
  8928cd3d6c155a6c27baf3814e0ed1fcc891c604
- SHA256
  
  feb72f9e5820e1f19d397363aa99517c8cb386a3686130392613cf24ce1da53f
- SHA512
  
  2f11b22b491298f0a150fce5a27c78d081c71aa6cb6948f028f8b8341fd498884cfab04228013d7f54e19b5ca0b81c9c9866679e450d6c88a9a22a685c954b78
- SSDEEP
  
  24576:Tbdw1mYCTW+BSpmUfAepF3DxQ8I/iZzSQN:TTTW+UppA4F3DxZjSY
Score

1^/10
behavioral1 behavioral2
- Target
  
  Bunifu_UI_v1.5.3.dll
- Size
  
  236KB
- MD5
  
  2ecb51ab00c5f340380ecf849291dbcf
- SHA1
  
  1a4dffbce2a4ce65495ed79eab42a4da3b660931
- SHA256
  
  f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
- SHA512
  
  e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
- SSDEEP
  
  6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Score

1^/10
behavioral3 behavioral4
- Target
  
  FastColoredTextBox.dll
- Size
  
  321KB
- MD5
  
  6f96d69c5fe9f94a5347ea79ae0a7f17
- SHA1
  
  99aa1e09b3e159954d2b48a6ca30c257bd6097f9
- SHA256
  
  2990de1f8c81c0306f721406926f261882c4fa1001180fe867e18dd0304aa129
- SHA512
  
  c71b3845904350842409ce0797bff964bda4cf2f1785719fd971d6cda23250e04c95a737adb5bb8e8fba80b4227edb6f6330b0ee91f1b89239aa8db818dfcd51
- SSDEEP
  
  6144:7eM+FI9qxcKpNOhUNagetTG5q1bPEsqmLD87eNT/9Jwa:iMnqxcKpNO/bseN39
Score

1^/10
behavioral5 behavioral6
- Target
  
  KrnlAPI.dll
- Size
  
  17KB
- MD5
  
  ab7cdb00e85533757bb540106bec1ee6
- SHA1
  
  b53f46b732a15a05763473d0cbd03cb7d303176c
- SHA256
  
  c70037a084f5982f1669bb3b86932118884b7e04c3cef9a0911bbfffc35d95b3
- SHA512
  
  3dd0a5feed3567051f833131673797461c1ac1b6f912a9e84520a3ddcb4c4adc488f4078147a46eaeb167fdc0be590745d66af5ded8613c9c83b2d04b84cefb0
- SSDEEP
  
  384:WG/frX1WcjM4vrX3pXKxbgSEH/FgNuenI1B58L://fJWcXrX3oxbQACj8L
Score

1^/10
behavioral7 behavioral8
- Target
  
  Siticone.UI.dll
- Size
  
  1.3MB
- MD5
  
  750c58af2e56b6addecffcf152520ab8
- SHA1
  
  14995e7f1d12498606d9d209d78d55fe6fd87802
- SHA256
  
  27c56a28cbde094157206da1bfcd7a395111ab97b8a5ff600b11c2175dcefb26
- SHA512
  
  2179790e23f61b3dfea828457f8609279c70b1e071cddc73b1dbda02caa664e0aae2553fc24a4956f9e89c477d66b1a704bde26fa23bc6db26c19e18db00abb5
- SSDEEP
  
  24576:QVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8gb:u8NlaVeuHFb
Score

1^/10
behavioral10 behavioral9
- Target
  
  Synapse.exe
- Size
  
  21KB
- MD5
  
  8646d25375272a7ac140311620d73183
- SHA1
  
  defac2ab1cc1b54ae8c5273aab81612de5d0d15e
- SHA256
  
  b872d6bc1c1fd58dea85132e2339b439d4444c4e2c9b737aeaad5a4d8bf6f675
- SHA512
  
  47ff908ffb31bd2dc3e183b31119e623e9cd14ee94e3dd2bc2d25a50ae920c3644dc9138ed79041ac8b29e7c91bce502aa6424a029e9514af676a37a07ae3829
- SSDEEP
  
  384:2lKvrnV7VsVYDsFLXOSUuiW8oE38UV8V9VYO4qb8PZWadSr4CTqEPmQoB/CVOpwd:2kvrnV7VsVY+iBovUV8V9VYJmUkTr4Cf
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12
- Target
  
  ccapi.dll
- Size
  
  460KB
- MD5
  
  e3daa68b2f194aa919a180931b8f7e66
- SHA1
  
  3a237c657f0ee9b18ae5bce632a3fea1d31776b5
- SHA256
  
  cbc091d1370f56bc07e68e9e754c7497b9b7fcf319174a5f01685c0a43485190
- SHA512
  
  a5136555410c231b6ab9515ae625588dc958e8c180713b375b256976adbd3ea0573cfd8c6f5095f402be791bfbd5ba55532618ec2c880f8d56ab8413fce067cf
- SSDEEP
  
  12288:ecnhILvJgwA6W792yFsy2Gkyv9OxsZmSKluSDz:eOzdxKluS
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14