Overview

overview

9

Static

static

7

SynapseLauncher.exe

windows11-21h2-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SynapseLauncher.exe

  • Size

    4.1MB

  • Sample

    240913-w7yvsssdpd

  • MD5

    7d298245f200fa8fdd2da58830b286fb

  • SHA1

    a837c87c6c2c12b8bd1dae3a38bee7468f53907d

  • SHA256

    93e4666d53d8437b111de4bbc936183c3ee505cea719d0faa1d650e6d3cd4634

  • SHA512

    16f36b8b8577f62faebcc3ab148c877a17c208d8e29eb285d904f47b301f8c26c2227ea299c416f626bd62b1b79358ccda741c8b9054fcf0501e40b89792dee6

  • SSDEEP

    98304:Y1bT9OqJzqQ1KtN35Nu7zVFPbCV7aTImb/DXNv8ry4NDDaHN:YZPJm8SN35NMzVFPOQTIm/Nwy4NDC

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      SynapseLauncher.exe

    • Size

      4.1MB

    • MD5

      7d298245f200fa8fdd2da58830b286fb

    • SHA1

      a837c87c6c2c12b8bd1dae3a38bee7468f53907d

    • SHA256

      93e4666d53d8437b111de4bbc936183c3ee505cea719d0faa1d650e6d3cd4634

    • SHA512

      16f36b8b8577f62faebcc3ab148c877a17c208d8e29eb285d904f47b301f8c26c2227ea299c416f626bd62b1b79358ccda741c8b9054fcf0501e40b89792dee6

    • SSDEEP

      98304:Y1bT9OqJzqQ1KtN35Nu7zVFPbCV7aTImb/DXNv8ry4NDDaHN:YZPJm8SN35NMzVFPOQTIm/Nwy4NDC

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks