Overview

overview

7

Static

static

3

SynapseDowngrader.exe

windows10-2004-x64

Resubmissions

29-08-2024 18:55

240829-xk71maxhql 10

29-08-2024 18:52

240829-xh927swcmf 10

29-08-2024 18:50

240829-xhcrpsxgnp 6

29-08-2024 18:46

240829-xekyxawaqd 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SynapseDowngrader.exe

  • Size

    600KB

  • Sample

    240829-xekyxawaqd

  • MD5

    8c48b5f9d5efc74bfb95390ea23f2db7

  • SHA1

    76e3c2b597164b9009c65f421e87abfc3b3e412b

  • SHA256

    21829708b9a4864c95b5f388fb3e0e850c2f1e04e17f093e6e6bb7d7f383e913

  • SHA512

    de80367169c7862ec66505c84c42be1134c16c9c19a8f1344d6ed9dd1d7510fe993cc249b077c2e61c2f3cdd2555930eef50f44e287fb42ef11b00593229a28f

  • SSDEEP

    12288:Egby/bP2s/c9DO3LOBCjey8al5+mAIG+dGRqCW77UZh:Egby/bP2sIDULOBCjlvWI7GRk2

Score
7/10
bootkitdiscoveryexecutionpersistence

Malware Config

Targets

    • Target

      SynapseDowngrader.exe

    • Size

      600KB

    • MD5

      8c48b5f9d5efc74bfb95390ea23f2db7

    • SHA1

      76e3c2b597164b9009c65f421e87abfc3b3e412b

    • SHA256

      21829708b9a4864c95b5f388fb3e0e850c2f1e04e17f093e6e6bb7d7f383e913

    • SHA512

      de80367169c7862ec66505c84c42be1134c16c9c19a8f1344d6ed9dd1d7510fe993cc249b077c2e61c2f3cdd2555930eef50f44e287fb42ef11b00593229a28f

    • SSDEEP

      12288:Egby/bP2s/c9DO3LOBCjey8al5+mAIG+dGRqCW77UZh:Egby/bP2sIDULOBCjlvWI7GRk2

    Score
    7/10
    bootkitdiscoveryexecutionpersistence

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks