Analysis

  • max time kernel: 15s
  • max time network: 18s
  • platform: windows7_x64
  • resource: win7-20240903-en
  • resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted: 07/11/2024, 22:38

General

  • Target: synllc.github.io/synapse-x-documentation/print.html
  • Size: 311KB
  • MD5: 8db7f8dcceb57b928ee87d1dd6fe6c6e
  • SHA1: 9e46d63800b2ac1e22ef3e04260cdc584ce560ac
  • SHA256: 06c3d8ca71d5bad23c8885dada95e6e4ec35c26db488ab07fb0854215393c63f
  • SHA512: 8f53fa20b269d5066390c6b0609a51ca86ca44603cb3c47218aded86492d9460d33ac12901613cee3e39e1b10d710c4b2679756eb16ca389a460d6322172f138
  • SSDEEP: 1536:2HnLzrTbxpg7X4g+sW7Xje94lWiZ5FikLzwOkUzcgIbXrHt0a9EwW7XL0e9YxSjb:wz20sW3llWiTz2GwWP66nJ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Modifies registry class 5 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\synllc.github.io\synapse-x-documentation\print.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1776
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1776 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2852
      • C:\Windows\splwow64.exe
        C:\Windows\splwow64.exe 12288
        3⤵
          PID:2156

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 7e18574afd7fdc979e898a436a1300f0
    SHA1: e74878601ede30e654fabd830d9696d6b0310e4e
    SHA256: ce199d93265c94e5d2750481c9f32287c46a2492bda85cd29a9aa504ff6bd0b6
    SHA512: 8be98aea702c2c8a1325f5f641ed9b8058062554e3e2e2989fce9e4b7b797d8c1ada59ef81755004fb82e11ddf8856c046994cb88db99c81dde61761c804fe76

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c922b4133030db2d1ed5708d688c4ba7
    SHA1: 89b5c6403bfe9856641fb1c649f50304424817db
    SHA256: a604935bd5108e336ab283a86c0226238f92f0e2f1f45c9540310b7faffaace2
    SHA512: 4c93c148524144ccaec0ce159784ecdf1078267c80cd6fa939b7b7f09fead23cfecc39c2fa6ce8e28f84a94fefaf4e42a1f5b72bedfdf5cf552fa1dd05907bdd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1e3d63231e6fe3a620c51c38422a1917
    SHA1: 1b702a7c28275bbb4bec0929f519a9e47806763c
    SHA256: bc98c3a3061b3890a47dda1b6a54b803044eabd1a2c1f6afe8e44be4e1843edb
    SHA512: cb645809fda2fc1574e5b76087346343db9467a87ec801fdff27b099b451246ba769522213e1c9bcdac2e76731289a6e2804c8f985a08a9bc8bf981720541ecf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 08b8b303f9a87817de4cb67c10aeaf99
    SHA1: 75b082f798c79dfae2b3813a041a9b44dd4a6d48
    SHA256: d8b2d6af52f0a82de5e1c20bd41cbb09b2ef22bbf896e3d17c184e7cad08e28a
    SHA512: 4f4825be9219ca9b7d4ebdf27104a6a92769265e9e922ebdd705a80196da3efb91c11a39d9dd1c6456161c339c1d80becb542d9f49b50d2ceccc34f0b845e6f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 39c94945f85a9b0e5a864964910d4f4c
    SHA1: 2070ba76da136c70916d551dfd9326c0f07fbe0f
    SHA256: 2149cbac87e18444931153baf6fbfe18da01362e98a76eae1c3281865a4dad22
    SHA512: 575d7ec84f40ebf3190b65227be65a0a0375640c6cef1ae821ab8b16246fdf70ee78a6a3d18a8a4e533bdad8b31cf5fc8e28f3a4b53740ff9920e53024207610

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: fd9aeb82039fc0773533fef06b28b3c8
    SHA1: cd2829feaa6e907c1fcb3f1d9b006e45b5d8cdfb
    SHA256: 27e0564f3e10bf19413aaa6fe4e0c2c0299eea6530b095748b7ce4a0865a2ccb
    SHA512: 412fa208c20c782c43071fa7e264430a84cf9a71cc444af99199aca79e3b2cfa263f40da0fee0a6c805cfc803ae14128d5f43b66c6c1d07dec9baadc4687a922

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 9c98d30861d485642bdc37518f66b944
    SHA1: c06df46cf18136e45b476260fac3e2950b86d109
    SHA256: 459c7f5e843fc5d1ea059b99695de57c1c030794e9e5997af74d8c33b2ae9a13
    SHA512: 6340fadea9c980285219484053a04811c098c95199342068e9401217957e2abe151bad31f1de5acbb10f74ac01ea5e92ec91b8f189dc64f4822c25eb4f3f7138

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 2675974ab8fbad611bec4d457c1ec7bb
    SHA1: ed16043ad4d32b7b9f36844ad9ad7cf82b5ee038
    SHA256: 78d15fa08e7af25bf45d2146e84d17b0653abb3714f40047b8d9d31d8618f32f
    SHA512: e85fe124881622628ee0829c51dd0c8a8e848bdb162851ed5083aeda89ed8e6a6b849939919a9f5f5029da51a1900bfb36967be59cb5a78e24796dc96e768ad9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5c69dad84fdc74a5ba2e397ad98743ab
    SHA1: 1a1a97174b0b9fc877a13d3912689615ad31349c
    SHA256: 0c02e1e308a0d7107b28dff701b609d4b83141de38cc93a76d71c597805310c6
    SHA512: 4f5a44047b320089a3e0062fb731c51707deab08dc8275fc994986cb97047a7630daeeddd81dc7832512a08b711d160f94cc2462cdeb62f1fc9dcd5e37959659

  • C:\Users\Admin\AppData\Local\Temp\Cab233.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\RPI3Z3UB.htm
    Filesize: 341KB
    MD5: 8782606554a5e85aadaf7ad177fb1c69
    SHA1: 69bac40654baa23514680d6266d5aabc611fdbcc
    SHA256: 4c984c4be000b8e05bbeac18a0a4589c8a35579de3393157b4d6aae52190fce2
    SHA512: be3c95d8f09b93e9a26459ae098b4f565040a9b09fd7c2359eaef83463af9086ba785364ca89687221b9e46ab76eacbea7aea07b062ccc933de2bf13cdb11e34

  • C:\Users\Admin\AppData\Local\Temp\Tar297.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b