Analysis

  • max time kernel
    28s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/11/2024, 22:38

General

  • Target

    synllc.github.io/synapse-x-documentation/introduction.html

  • Size

    27KB

  • MD5

    a5e9831095a7a5154c6c260c68ddfbbd

  • SHA1

    5192bbfff82759b67b366633202e89260601cd87

  • SHA256

    1fb5d7ebab800a3086dafa520e0916a006399cefc214136a3a072d708c55c0ae

  • SHA512

    78daa168390b7546d53bab6c97f986eb585f1338aabecb88eb81b4aba0557e413dc17bebe5042eb5805eb7948b5425f18b472233edbcdcc71aca632340c8a183

  • SSDEEP

    384:oGHxfrhuuN++JdXVx4fyDisVaHMn1EIPSdjfOAAO/EUvc7D88SkjsOH3DwGrMRTP:oGpp/HTfnbmt

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\synllc.github.io\synapse-x-documentation\introduction.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2824
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2824 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b9d6a57b6cac208ae0cad71e79a1668e

          SHA1

          d704527f5757636a3255f28a342b8bb97bc27e9d

          SHA256

          41f95734c96209ec0afde9c7273d6c610427b476f657e47b7ce1f75da1173f8a

          SHA512

          1e982359492296e37092a6c9c13e84c8875b67d072bf054079ceada7527c800a94daaf7c14a08197a3dc2752b73cb0c6e4aa8ee1d68062956b80a21f1c57b188

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e9958d52c3418c8de212f283055fc842

          SHA1

          09fb196bef7fe34f304fbec1fa03e9e444ccc302

          SHA256

          e7495f917c74bdad9bf1ffaec59639af2837fa4304090fb54f817a6d7bbe813b

          SHA512

          4170a97db53e91f4f8a2477ea0daa3185548a314802414277ce8bac6d7fade30642ce2c8b55be0fcecd5e5f939ad8072a9ec65ffccf510829d5f5be941542644

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a6daa243573b0d7b91ce9dc6bac2a01f

          SHA1

          f94a83d27653636a0fafc895f821bbe6dfe909a9

          SHA256

          0efe604ba0ea6580d9b49d251429f281cf5c906e7d71cd3c65f3f24912d404c9

          SHA512

          65ee954c2f9ebd0edc31ffce118ae3dc4ba7b7ee9c9a154e889a4093887c9a32d99be3a90c99d8114a4d6225f2a7f7c477891a3c2503101aa77856dccf3cbd20

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4539dbcaddefc500328ad084bd4def50

          SHA1

          a0f1cc43449535e53332b7b8e700426b42af7cf1

          SHA256

          2f193f87c40be370af33f44679227721c2a498b35254761be7d0b06081ce89b1

          SHA512

          8f8d5e51dc820111c5d1e6d7a2f4683ce0798e77950a36940d86596fdc7e6a1f759f2bde0a980daff638b61fd85c3453779994cad2b866bc960972f7b0c2171d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1a138e4668913b95ff6874aee80f457d

          SHA1

          3bd104b1a9663bf7f3f5fea0032ea86ae4e979f0

          SHA256

          bb836b7e886cf06f6fca79cfa8dc7fa57134c435bf6be448267c605aae832687

          SHA512

          0e7b1d140ec93dd82f471ef8c8f6ac1b40e3311f020f609d378a2f4360aa473741b29efd78a390e1ac6108793d1d904a68624a18099219aeeb65a785585e3460

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4f19c518e398d89d7183ee15894fcc95

          SHA1

          91f1bcd29a602e7273f7d443eb809cc5cb5d57b8

          SHA256

          6669570f2d73eaf18481abe1fc5f8e26096803214959e25952c6c6662afc83fe

          SHA512

          f3bd38b29952eba800a3140e3849dbb092f9dc462559c7c1529a48e50cd3d6e4c6c983b78899b6cb4a4b5c7e62457544b830d7d46f9ca63082156282c62abe8e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0876684f33e6ae0bb15fed88db34e784

          SHA1

          e6ba992e89da85c8fe7d5ac560f34ee5878c16a5

          SHA256

          18fb79b0ab1cf1e7bb16e60ef5baa12080328c910ec045e74f4fe758da3426e1

          SHA512

          3950159953e6922e49badf63e7cf1ddcfc093d1abc27b32f659838a2dd1dd8b438ae4a8603581c51506159693c161f873c47e5b2a6888a37aa7c88fc4f7476a3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0f267b265fb7e81f14385862cb3daf72

          SHA1

          6f65cd9d317cb9e83a69eed7631164817325ca62

          SHA256

          8e333f705b74ca15436f21b21216ff7aaaa6f6759d1bb683a9748edce83095ae

          SHA512

          cf7eae54ca7e96b0d5e9f967b365175e5d9174e68228617fac16b4884e66f837b7c84761948ad9ee59ddff3e9be67636423bda254b0fde288073d74977710ca9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          38f5a4310d1b16ed7e2e67cfc8cecd01

          SHA1

          0b1cc4d9a13fcb332984bd6913ff9b749d1f0ca6

          SHA256

          ee10e883ec378e3731fcaee92189c9ded283feac0c673c6453e0e814c37ec027

          SHA512

          07b153b93dd7eb269c19f329abef54bdabd800eb3fb4470f26fd8b6bc229616cc1cbcef8cd2e1f921289c7fa3aec9f900cadcc1ef637507b9666aad5ea7b48b1

        • C:\Users\Admin\AppData\Local\Temp\Cab7533.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar7593.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b