Analysis

  • max time kernel: 15s
  • max time network: 16s
  • platform: windows7_x64
  • resource: win7-20240903-en
  • resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted: 07/11/2024, 22:38

General

  • Target: synllc.github.io/synapse-x-documentation/install/installation.html
  • Size: 25KB
  • MD5: 2d2d993f32153a8c1a2d043e3afd21e5
  • SHA1: 0d84137dfd5bfe5c9d4df49f3eeaa8fc71f5b8ab
  • SHA256: f934b89eb9a2b897f31207d289314e28909caecbfc1a9da8d03853a582323238
  • SHA512: ec33d1c9c2078ad30532005e20ceee843c50741aec6a7a87e9cc61bfdc4b17c3cfea903de0b2a1280bd4410cd020f7b1c71b71967239d9fb586880409cc10d65
  • SSDEEP: 384:VGHxfrhuhN++JdXVx4fyDisVaHMn1EIPSdjfOAAO/EUvc7D88SkjsOH3DwGrMRTP:VGp2/HTfnbm5

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
    Attempts to gather information about the system language of the victim host in order to infer its geographical location.
  • Modifies Internet Explorer settings (1 TTP, 28 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 3052)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\synllc.github.io\synapse-x-documentation\install\installation.html
    Signatures: Modifies Internet Explorer settings; Suspicious use of FindShellTrayWindow; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2332, child of 3052)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      Signatures: System Location Discovery: System Language Discovery; Modifies Internet Explorer settings; Suspicious use of SetWindowsHookEx
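Reading the tree above: the second IEXPLORE.EXE is the tab (content) process that the IE frame process spawns for every page it renders; SCODEF carries the frame process's PID and CREDAT is an IE-internal value that the check below does not interpret. Every signature fired inside iexplore.exe itself, which is why the sample scores 3/10. The script below is an added triage helper, not part of the sandbox's output or of any project named on this page. It embeds the two processes from the report as constructed data, verifies that SCODEF names the real parent and that both images are iexplore.exe, and flags any signature outside an assumed IE baseline (the five names above, which IE produces on its own when rendering a local HTML file; that baseline is the editor's assumption, not a sandbox rule).

```python
import re

# Process tree constructed from this report (two entries); not parsed from the sandbox live.
PROCESSES = [
    {
        "pid": 3052, "parent": None,
        "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
        "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                   r"C:\Users\Admin\AppData\Local\Temp\synllc.github.io\synapse-x-documentation\install\installation.html",
        "signatures": [
            "Modifies Internet Explorer settings",
            "Suspicious use of FindShellTrayWindow",
            "Suspicious use of SetWindowsHookEx",
            "Suspicious use of WriteProcessMemory",
        ],
    },
    {
        "pid": 2332, "parent": 3052,
        "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
        "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2',
        "signatures": [
            "System Location Discovery: System Language Discovery",
            "Modifies Internet Explorer settings",
            "Suspicious use of SetWindowsHookEx",
        ],
    },
]

# Editor's assumption: signatures IE fires by itself when it renders a local HTML file.
# They only excuse a process whose image really is iexplore.exe (see unexpected_signatures).
IE_BASELINE = frozenset({
    "System Location Discovery: System Language Discovery",
    "Modifies Internet Explorer settings",
    "Suspicious use of FindShellTrayWindow",
    "Suspicious use of SetWindowsHookEx",
    "Suspicious use of WriteProcessMemory",
})

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def is_ie_image(path):
    """True for the IE binary in either Program Files directory (case-insensitive)."""
    return path.lower() in (
        r"c:\program files\internet explorer\iexplore.exe",
        r"c:\program files (x86)\internet explorer\iexplore.exe",
    )


def check_tab(child, by_pid):
    """Classify a child process launched with SCODEF: 'ie-tab' when the SCODEF value is the
    real parent PID and both images are iexplore.exe, otherwise 'suspicious'."""
    m = SCODEF_RE.search(child["cmdline"])
    if not m:
        return ("no-scodef", "not launched with SCODEF, so not an IE tab launch")
    scodef = int(m.group(1))
    parent = by_pid.get(child["parent"])
    if parent is None:
        return ("suspicious", f"parent pid {child['parent']} is not in the tree")
    if scodef != parent["pid"]:
        return ("suspicious", f"SCODEF {scodef} does not name the parent pid {parent['pid']}")
    if not (is_ie_image(parent["image"]) and is_ie_image(child["image"])):
        return ("suspicious", "SCODEF launch where parent or child is not iexplore.exe")
    return ("ie-tab", f"tab process for frame pid {scodef}")


def unexpected_signatures(proc):
    """Signatures the IE baseline does not cover; a non-IE image gets no baseline at all."""
    if not is_ie_image(proc["image"]):
        return list(proc["signatures"])
    return [s for s in proc["signatures"] if s not in IE_BASELINE]


def triage(processes):
    """Per-PID verdicts: tab check result, its reason, and any signatures outside the baseline."""
    by_pid = {p["pid"]: p for p in processes}
    out = {}
    for p in processes:
        tab = check_tab(p, by_pid) if p["parent"] is not None else ("root", "top-level process")
        out[p["pid"]] = {"tab": tab[0], "why": tab[1], "unexpected": unexpected_signatures(p)}
    return out


def needs_analyst(processes):
    """PIDs whose tab check failed or whose signatures go beyond what IE does on its own."""
    return sorted(pid for pid, r in triage(processes).items()
                  if r["tab"] == "suspicious" or r["unexpected"])


if __name__ == "__main__":
    for pid, r in triage(PROCESSES).items():
        print(pid, r["tab"], "-", r["why"], "| unexpected:", r["unexpected"] or "none")
    print("needs analyst:", needs_analyst(PROCESSES) or "nothing")
```

The two checks are deliberately narrow: a child carrying SCODEF that does not equal its actual parent PID, or a SCODEF launch from a copy of iexplore.exe outside Program Files, is the kind of mismatch that separates a real tab process from something imitating one, while the baseline keeps the noise signatures IE generates on every run from masking a signature that a different process would have to explain.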

Network

        MITRE ATT&CK Enterprise v15


        Downloads (one entry per observed write; the same CryptnetUrlCache path appears nine times because the file was rewritten nine times with different contents)

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: a36cb086b8e3e59daa6b01ea126fc6ef
          SHA1: e69ef8f6c2cb58c18e7982b699da5a6bc4d4e054
          SHA256: a39c8105904921d3798d3098c2bcb424bf074feaf4ec09400f59d1ec84300443
          SHA512: 10e3023fb68f1f13477dfc2577b84bd108cb45d76fc435d694b27abd0ca39948b02d52c927a3f4cc5cbeca8b4c8605211fb11e90ac39fc4a3f7c6b1ae0e29835

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: c80abb2826a934125a37f01363963e58
          SHA1: 5d07b96b5360fc3d79ae4a62cdef8a07c8416931
          SHA256: 5bcb1599d778ed96e25e91f05622cd887346acd1d12ce8a3ae17cec2847d622b
          SHA512: a54bf97b506197d6c674782efed269d88709bed75995a044a0221fa711a357a7641389c676b3e9ebf5f0e8a1dc52c20e3d280d07543e430d42e79e798c823117

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 19c57ef10ca39e8be68992efe0468d7b
          SHA1: 3ccefe0f224abedd8260e70274c24871163b2c4f
          SHA256: 5aa22813f86d9eecda607ba2e624711c349db707efb064ef4c062c337d5c1b36
          SHA512: 2c4d9489320608d0c0c006bf95ed10b70ba06cf46f7c907455792c2cecdc039774622d5afdba12edbd8bcea7847288c2d177b0565d97c84477ad15cbd53eef56

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: f3e732ebe2e5a2ddf5083856e7ac363c
          SHA1: 423bcf42bb7e3a167d1620db89a841b45be8bbb6
          SHA256: 4ff4c96cffe309afcad26a658c2ae68f7697aea2125f23bd61388c107d9ad386
          SHA512: 010548d72e1c23b3e9caa9c1977b4e4cb35d1c74139fc2eeeafb045770414a7cb3b520bb94bd632abd728eb56d7d63dafc546e2dfe1717cdc721b48c92c2117b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 217f290c4019993171cb2c235ac8e5b1
          SHA1: 3771c05530050ca5c219520dcaea0fff8e2144a2
          SHA256: 36ec8e382464e1cb75e01e005cf7ed87a69a488e8067e3ad4672ce189738d415
          SHA512: ab5b4dcbadae088de484fc4a5218ccc4b7e6b02777c58bab38d7933986eb35af1f16e6c3853e82fcc29b598e728e148159dcca2a7959e51be9f7f04b0c07ded7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 5820579ac28a93e2ffc551f208639fbd
          SHA1: a85dd30d2e2881e7261f3fdf3b6322b362c55b54
          SHA256: 716871b9c6f590e38874c6f7fa38f65bb0b9bc4ebb647127d03656496fd7aebb
          SHA512: 1a45c757685bb623c3b75e0e12d19cdb757107bec7586a37a4aaa58d703d2be1b8fddeb62ff93e1e191f52940b1a513b1f36d2e0fb7b7d00003ad0d073ff8c21

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 66a49bdbe312f1f7646964f49b380053
          SHA1: aaac6143842c3bc8fe74ccb29b9e6983ac07801c
          SHA256: 382c8ca4b80b739158f279599d40cd497e3ad9c9a3d5a9087c59d05220b872e7
          SHA512: d80372c2d7390450340fb39e66b9a1e4bcbc6f9dd78c185e29bee32a8f95e425070b13364356d2046cdf015e0530a1d3650514de013c21b13819dc04b7c54629

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 7be841b0ff122ba39ff0a12103ac3499
          SHA1: 1e813c389d0e61cb867c4bbfb6252f3b87ac7eea
          SHA256: 5773ac2376895a1f160e0acdf9f670d1c13bd7da5b1fbc13a08781e4c6ac437c
          SHA512: ebdaab6ce1c33508ba80557aeeaa96408d33e274da1c8a751b6fe70a13927299e4d274f912ecf770ae55fdecbb747e26d6cd33e5bca119fb749941e3a19962ba

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 9133fa2b7cfbd7e3306fdda66a0d4385
          SHA1: 99d5619fca602ea0f0db02f6be8634ad192b919b
          SHA256: 0224ce000bd8f7374babfc5630b0b943d7dc43606882ef7816ac9c39305e860e
          SHA512: fe26ced9c351d450155272563602845592ddafacdd7d311995db5fabfa1473fcf5bc2d14c34bfc430942a7048fbbc828cd781620b8a7d4762fe3e72f5de5e2de

        • C:\Users\Admin\AppData\Local\Temp\CabDA7A.tmp
          Filesize: 70KB
          MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
          SHA1: 1723be06719828dda65ad804298d0431f6aff976
          SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
          SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarDB19.tmp
          Filesize: 181KB
          MD5: 4ea6026cf93ec6338144661bf1202cd1
          SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
          SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
          SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
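None of the files above is something the HTML page dropped; they are side effects of Windows certificate validation. The CryptnetUrlCache entry is crypt32's URL cache, which it writes when chain building fetches CRL, OCSP, AIA or CTL data over HTTP, and the Cab/Tar .tmp pair is a downloaded CAB and its extracted content, typically the root-certificate trust list update that IE pulls in while rendering. The helper below is an added example, not the sandbox's code or part of any project on this page. It embeds the eleven entries as constructed (path, size, SHA256) tuples, groups them by path so that rewrites of one file are counted rather than listed as separate files, classifies each path with two editor-defined rules (the patterns are assumptions based on the paths above), and returns whatever would still need a human look.

```python
import re
from collections import defaultdict

# Constructed from the Downloads list in this report: (path, size, sha256) per listed write.
META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
ARTIFACTS = [
    (META, "342B", "a39c8105904921d3798d3098c2bcb424bf074feaf4ec09400f59d1ec84300443"),
    (META, "342B", "5bcb1599d778ed96e25e91f05622cd887346acd1d12ce8a3ae17cec2847d622b"),
    (META, "342B", "5aa22813f86d9eecda607ba2e624711c349db707efb064ef4c062c337d5c1b36"),
    (META, "342B", "4ff4c96cffe309afcad26a658c2ae68f7697aea2125f23bd61388c107d9ad386"),
    (META, "342B", "36ec8e382464e1cb75e01e005cf7ed87a69a488e8067e3ad4672ce189738d415"),
    (META, "342B", "716871b9c6f590e38874c6f7fa38f65bb0b9bc4ebb647127d03656496fd7aebb"),
    (META, "342B", "382c8ca4b80b739158f279599d40cd497e3ad9c9a3d5a9087c59d05220b872e7"),
    (META, "342B", "5773ac2376895a1f160e0acdf9f670d1c13bd7da5b1fbc13a08781e4c6ac437c"),
    (META, "342B", "0224ce000bd8f7374babfc5630b0b943d7dc43606882ef7816ac9c39305e860e"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabDA7A.tmp", "70KB",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarDB19.tmp", "181KB",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Editor-defined path rules (assumptions, not sandbox rules). First match wins.
RULES = [
    # crypt32's URL cache: MetaData/Content entries named by a 32-hex-digit hash, written when
    # certificate chain building fetches CRL/OCSP/AIA/CTL data over HTTP.
    ("cryptoapi-url-cache",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I)),
    # Cab####.tmp / Tar####.tmp in %TEMP%: a downloaded CAB and its extracted content,
    # typically the root-certificate trust list update fetched while IE renders a page.
    ("cryptoapi-temp-cab",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]


def classify_path(path):
    """Label a dropped-file path with the first matching rule, or 'unclassified'."""
    for label, rx in RULES:
        if rx.search(path):
            return label
    return "unclassified"


def summarize(artifacts):
    """Group listed writes by path: how many writes, how many distinct contents, and the class."""
    groups = defaultdict(lambda: {"writes": 0, "hashes": set(), "class": "unclassified"})
    for path, _size, sha256 in artifacts:
        g = groups[path]
        g["writes"] += 1
        g["hashes"].add(sha256)
        g["class"] = classify_path(path)
    return dict(groups)


def review_items(artifacts):
    """Paths that no rule explains; these are the ones an analyst should open."""
    return sorted(p for p, g in summarize(artifacts).items() if g["class"] == "unclassified")


if __name__ == "__main__":
    for path, g in summarize(ARTIFACTS).items():
        print(f"{g['class']:22} writes={g['writes']} distinct={len(g['hashes'])}  {path}")
    print("review:", review_items(ARTIFACTS) or "nothing left to review")
```

Grouping by path is the point: the report lists nine writes of one 342-byte metadata file, which reads as nine artifacts until the rows are folded, and the rules leave nothing for review only because every path here is crypt32 or wininet housekeeping; a path that matched neither rule would be returned, not silently dropped.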