Analysis

  • max time kernel
    29s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/11/2024, 22:38

General

  • Target
    synllc.github.io/synapse-x-documentation/development/dev_introduction.html
  • Size
    29KB
  • MD5
    3f31a83e6a7c2dc6d821940e48be382b
  • SHA1
    6de55c9f24a5382f149a5b72f914dc10e742fd3e
  • SHA256
    5a9611c5533007b21c5e7e45507744e655ce77ee1b5751cb09ec00494064e0e3
  • SHA512
    53226bf2fa4b7475f085cf5b184df0584c520d73abbc891d96d95dac3facf60cf5458cb9aabfa8a7c72df696d8878bb5d7feec96ae9e2f516153e2ca890659f4
  • SSDEEP
    384:VJnxfrhuqSDfJsM0Il6Pof/oaADEcvVOjdjkOApO/nf4DaAbFtf0fXUCqZXYjoUr:VJJtRHTfnblK

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\synllc.github.io\synapse-x-documentation\development\dev_introduction.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2416 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1644

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: bce402d7cd0441cb8ce47ead968153cf
          SHA1: d174a537270f5deac35967fdda2cb7285e0d7a85
          SHA256: 86d293b05428042312f4a29af2775420059b69e2eb53c8df1bf93208093e03d2
          SHA512: 72997e1b86c6519d207080e4f697ac8a34d887f7bbcac91cd1f3ec2d789d1f0e5bcbee71733ce794180f4e859c8689e3e144f11b12c0c4405cef01d24f19500e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 89be9a0b1d8a4344f8a3e384c427cc54
          SHA1: c009e826f95239a73d2fdbb9f760887c23e7d815
          SHA256: 487a99fb3f3d4efbee8b436a56eb7681aaa2632ea27d98f8a9d42c377d20427d
          SHA512: 2d3bf0d8238b67f468fcc6ec915e431d95da1a0325ebe85c8d73230f4a625cb60491d2da68ed1df7125bea0c54a65bffe4fb94d73c0e0866cc50ae2e40386606

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 847b19041615fed417242fa4f6980c1e
          SHA1: 469088046c4210ef9a1348b8b7988ebd84c20e63
          SHA256: b5c30a80374e5bbc5318e1d5012a232064eca945104a3cc7acc16ce6b7f0a51b
          SHA512: a6c2360bb2e32b1bf9782b6852540262a8e98e705afc957b0f6f5c03819167715a98312b627d5974d3d210dba0fe8ef73444c6a53a30a1229a74e92699344dec

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: ff61d52eef1e3af945b94f1224e5deef
          SHA1: 0b4aa07981db00fda1e2dacf90fa2649c912e7f0
          SHA256: a7650ef6ec20b6d63da42db25904f6acf30f518cfe6b1f4bffcebdebb5d1ce1b
          SHA512: 977b1bed12af64bccdefa59332019b9a183da587ee8fb4d26feb25990d71d4fb8394ec329ffbec8faa9af6d05da2d0a00b47075edc3b1dc133c55660bedc2ba9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: c6fd65056a42a1af9a9493116d8f5f1d
          SHA1: 7782da6d360e1a2b6e918c9f66be12e98458d27d
          SHA256: 497e1fdf32523f36c6f92861663c5d1939d2c8e37e77d1e8f07a7e545a52e1ee
          SHA512: ba29a89379e7debf99ed20ea7323bb72af9e2ca7e3d4d313cd45e52d2bb6c17373a533c3a79678b5ad85d414b4fa30391b33535ba457fb44eeceb7897025cea7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: c25aed38eff5f5f69bf5fb9115881b2f
          SHA1: b7d2257625f0eb5d1fa35fa409cab1239812614d
          SHA256: fb3fe30e7c1d6739b93cdd59f9619fc96bee04b223c9bd6a8cbf0950df07bca9
          SHA512: acdcc8ebd73eefce2fc68dfed02144aa763dc9ad6bcd5fc3c92684d8fa748a92d6ea196772bf7f7a3a18c9701c517b89e1ce4cc606ec96f20d4da5c86cdf8e01

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 209a1bd9bae766f2df8b0d80dcf6e9ad
          SHA1: 6e415733e62f55e987ab712bed86315dcab06d36
          SHA256: 9c21f9e1bf0b112aecbe9f9cc4305867cea339b7d3bddba2d267d50dd358dc16
          SHA512: 3ceccad0abcd0a182e56f9e5c11a8d622fd467b60cc04dfd7ddbe55216a446033e2cb72f02a6de6e3206cace662e296bbfd9596979d0d82802ce0c31913d76b4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 738d889494702452cd913f30fa0695e1
          SHA1: 74e6676f403a51f25e191b98d6598cb862bddffa
          SHA256: cc0cf3b5b89e291475bcf1077614a5cf99cfb17af1dd75ad7bf52dc1e1cb8670
          SHA512: 81a5e327a278069ebb0b2b6156586229bd1bcf4beb9288ce6d76cae72546a619f3327ade91cb52d16670407759a1e08d35b93295f092c706b87e4423497bc515

        • C:\Users\Admin\AppData\Local\Temp\Cab6DC4.tmp
          Filesize: 70KB
          MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
          SHA1: 1723be06719828dda65ad804298d0431f6aff976
          SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
          SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar6E63.tmp
          Filesize: 181KB
          MD5: 4ea6026cf93ec6338144661bf1202cd1
          SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
          SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
          SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b