7e3247c9839a52819cdd5b6581877024abf7e002893a0fa1956ad72867c2fbb1 | Triage

Sharing

General

Target

SynapseA.rar
Size

1.4MB
Sample

240815-zh8v9atbre
MD5

b3e475fa78ba1fc4e5c8d95add7c73ca
SHA1

35f6bb32cda9c040ce101ae25754e8c705a4d85f
SHA256

7e3247c9839a52819cdd5b6581877024abf7e002893a0fa1956ad72867c2fbb1
SHA512

bab1e41ea210295a9f33054964b5fd6101f0546089532e21f107c3515ccf76b8cb9738f8bed37e6c8197274e2fcad382a56eab7ecdabe3a40b6e1172300f2a99
SSDEEP

24576:5JECjkvvHO2OOv2Oc6m435GbhrOYf97RowLfFuGqFkM0fSb3jQl2PdcKQgu1Ii7:/CXu2OOeh43YhF9RH4/FrL3jQwKKSl

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  SynapseA/Bunifu_UI_v1.5.3.dll
- Size
  
  236KB
- MD5
  
  2ecb51ab00c5f340380ecf849291dbcf
- SHA1
  
  1a4dffbce2a4ce65495ed79eab42a4da3b660931
- SHA256
  
  f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
- SHA512
  
  e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
- SSDEEP
  
  6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Score

1^/10
behavioral1 behavioral2
- Target
  
  SynapseA/FastColoredTextBox.dll
- Size
  
  325KB
- MD5
  
  adac0cee5cc4de7d4046ae1243e41bf0
- SHA1
  
  c8d6d92f0dbee64d0f4c0930f0d2699a8253e891
- SHA256
  
  68d0e444c0b27552d2cb86501dcb7db3fd64b82d966e9708db0408ec1ba38c79
- SHA512
  
  1d7af604540532a4121850760b1e401bb6356e59503c26f3d1fa358a105b7d88362c92f78aa4394095b165f06c484b8c2d2ed640380e85ef9b3eb087d3e7c869
- SSDEEP
  
  6144:CbgkJe4jG4m3oCCClXA34Wm5pVg/IWTKZCQOsqJLDd5eNqwDl1HD5:CbgEGv3oCCQAohVgSLmeNfD
Score

1^/10
behavioral3 behavioral4
- Target
  
  SynapseA/SynapseA.exe
- Size
  
  270KB
- MD5
  
  e518f61c74357f7ef2529b769dff0130
- SHA1
  
  aec237a9a74254a183af50bb444accbb05a51cc6
- SHA256
  
  62eae0a7d03a4dd500f21c481d447df6ce6617c5e0cde20923604c8ff5b1fadc
- SHA512
  
  00dba2f05e2015d4fafc9a93f2648317ae17726fd024614a2a92a9ebf23ef2dbcfe9cacd6932efdc47d6f7b270ea2af76e572bad0f532cb17978824f07552701
- SSDEEP
  
  3072:AxxJDI3uhci4xD10YBTHD10YBTQD10YBTBqk:AxxGeei8hQ
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  SynapseA/SynapseABootstrapper.exe
- Size
  
  68KB
- MD5
  
  68e058c3ba9933d2a0b621043d184cc4
- SHA1
  
  947c525f79fc72f9403b3cc80a7956e2502b37a4
- SHA256
  
  7dd986b4c62afb8bfae5d8cfcab62994266ed3300a80a51a2ac433c4fd47c6d8
- SHA512
  
  29c928a97771187b75248cf84ddcd76e5496ca4fd7653cb9182ad59bd17df5bcbd05ad0f224e4358864cd1621995ee0ccdc04ec33519b153fc75224c9a0d5ef3
- SSDEEP
  
  1536:Zc2yj/yvFy2azwvXtKK5dWve6X/sc1NBPD7U5ddG+12y+E:G/ysWvXY+WvRvsc1Nx0P/12O
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8
- Target
  
  SynapseA/bin/api/CeleryIn.bin
- Size
  
  44KB
- MD5
  
  7b23c9ace4767546cbda102024ff9461
- SHA1
  
  414ef4cd25d0f43f4d613fac61b2991800a00e7a
- SHA256
  
  a12b8fa06552a9c6ef682b4535e23e0e2a308c59cec5b33f45ce783cbcbd70a0
- SHA512
  
  8cabdc8d4bd9ab2a5b105487eeee259244d5896d3a5fe859141edea31d6dd14fe2cb492f9019362aa2f722bafb9763e23c195fff4a11b6170fe3f57ac7d7c706
- SSDEEP
  
  384:9zLZFw6q0MEe7TJ8cB2VyNhY2G/4YbXO2CImy1TUlJE50GTLcPh2QdwIqGxr:9biXOcB80hSPXO23mmTEJOm2B
Score

1^/10
behavioral10 behavioral9
- Target
  
  SynapseA/bin/api/CeleryInject.exe
- Size
  
  5.4MB
- MD5
  
  f47607f244b58b35b417cb2c2ece0497
- SHA1
  
  96bbb96221675781051b5e1246e0cdef108a69f0
- SHA256
  
  fac8d8abc400067e321e405293331e4d50eaec61289b02c160a52d086851fd06
- SHA512
  
  edfb1759c0239b3fa1062ca66540d1c33e8862cc8f74d49e4acbf9bdf13feff69308360312056e5d14e7fa764561090978ea4be86f4ffdcef32f93663f5790bf
- SSDEEP
  
  49152:chITlFM218wzEqBOxfesB2tMoQppJDGjywl9H53PVz16zJu+TsGdn8dnndn+dneU:c+fzPsAVvIZ
Score

1^/10
behavioral11 behavioral12
- Target
  
  SynapseA/ccapi.dll
- Size
  
  22KB
- MD5
  
  ff90dc4188f13fc885309ad8b3efd2ab
- SHA1
  
  75f8ad10cc214f7325fe90bbdd991bb67dca70c4
- SHA256
  
  1f515d01b77012405db25097fd12b11e6c90c125706f1037bde6e7090953b439
- SHA512
  
  1230480f5cac682200f18c011f293da862b995a70b3a3d094899f33749a62b1cdd84eb95a51c80a7794a3ab33f498747ef1a1be19ce9b190531f6f64ed1524f2
- SSDEEP
  
  384:km+HkZk4V4EVgiaG7C2QpEagWunbwBdR1ueVgVEwFV51:LZFZgZG7CZ1Xunb0vKhFV
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14