Synapse Blue[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Synapse Blue.exe
Size

4.6MB
MD5

84972aa071c8f3bc4bc43c474c101210
SHA1

05624c9c9b0c949e48073f5fa87cb028db6f7545
SHA256

7e0be24d3a1db14341c749cd41a8563622281b10f99224303662a97a610ab566
SHA512

ac5590057fca7c1777ee590956c61abc83535bd37faecc4bd32fe363f7b614b96358748c68c501b5956b488be1a9ab837cccc0541678f3098ca2809122de75fb
SSDEEP

98304:bwSuBzB0J8Wj89ySQ1ZL6wXoCQHWJyZ4WxgNp3jDrGuvggskxOmjYfjKtq+nXzPn:V8WocSQ/OxTHWJyuOSpTDbvggsWOmjYY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Synapse Blue.exe

Files

Synapse Blue.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ