Overview
overview
3Static
static
1synllc.git...ace.js
windows7-x64
3synllc.git...ace.js
windows10-2004-x64
3synllc.git...ook.js
windows7-x64
3synllc.git...ook.js
windows10-2004-x64
3synllc.git...min.js
windows7-x64
3synllc.git...min.js
windows10-2004-x64
3synllc.git...n.html
windows7-x64
3synllc.git...n.html
windows10-2004-x64
3synllc.git...g.html
windows7-x64
3synllc.git...g.html
windows10-2004-x64
3synllc.git...t.html
windows7-x64
3synllc.git...t.html
windows10-2004-x64
3synllc.git...y.html
windows7-x64
3synllc.git...y.html
windows10-2004-x64
3synllc.git...tor.js
windows7-x64
3synllc.git...tor.js
windows10-2004-x64
3synllc.git...min.js
windows7-x64
3synllc.git...min.js
windows10-2004-x64
3synllc.git...ght.js
windows7-x64
3synllc.git...ght.js
windows10-2004-x64
3synllc.git...x.html
windows7-x64
3synllc.git...x.html
windows10-2004-x64
3synllc.git...n.html
windows7-x64
3synllc.git...n.html
windows10-2004-x64
3synllc.git...n.html
windows7-x64
3synllc.git...n.html
windows10-2004-x64
3synllc.git...min.js
windows7-x64
3synllc.git...min.js
windows10-2004-x64
3synllc.git...ust.js
windows7-x64
3synllc.git...ust.js
windows10-2004-x64
3synllc.git...t.html
windows7-x64
3synllc.git...t.html
windows10-2004-x64
3Analysis
-
max time kernel
29s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
07/11/2024, 22:38
Static task
static1
Behavioral task
behavioral1
Sample
synllc.github.io/synapse-x-documentation/ace.js
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
synllc.github.io/synapse-x-documentation/ace.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
synllc.github.io/synapse-x-documentation/book.js
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
synllc.github.io/synapse-x-documentation/book.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
synllc.github.io/synapse-x-documentation/clipboard.min.js
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
synllc.github.io/synapse-x-documentation/clipboard.min.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
synllc.github.io/synapse-x-documentation/development/dev_introduction.html
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
synllc.github.io/synapse-x-documentation/development/dev_introduction.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
synllc.github.io/synapse-x-documentation/development/supervisor_programming.html
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
synllc.github.io/synapse-x-documentation/development/supervisor_programming.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
synllc.github.io/synapse-x-documentation/development/syn_environment.html
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
synllc.github.io/synapse-x-documentation/development/syn_environment.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
synllc.github.io/synapse-x-documentation/development/syn_security.html
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
synllc.github.io/synapse-x-documentation/development/syn_security.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
synllc.github.io/synapse-x-documentation/editor.js
Resource
win7-20240729-en
Behavioral task
behavioral16
Sample
synllc.github.io/synapse-x-documentation/editor.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
synllc.github.io/synapse-x-documentation/elasticlunr.min.js
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
synllc.github.io/synapse-x-documentation/elasticlunr.min.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
synllc.github.io/synapse-x-documentation/highlight.js
Resource
win7-20240708-en
Behavioral task
behavioral20
Sample
synllc.github.io/synapse-x-documentation/highlight.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
synllc.github.io/synapse-x-documentation/index.html
Resource
win7-20241010-en
Behavioral task
behavioral22
Sample
synllc.github.io/synapse-x-documentation/index.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
synllc.github.io/synapse-x-documentation/install/installation.html
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
synllc.github.io/synapse-x-documentation/install/installation.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
synllc.github.io/synapse-x-documentation/introduction.html
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
synllc.github.io/synapse-x-documentation/introduction.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
synllc.github.io/synapse-x-documentation/mark.min.js
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
synllc.github.io/synapse-x-documentation/mark.min.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
synllc.github.io/synapse-x-documentation/mode-rust.js
Resource
win7-20241010-en
Behavioral task
behavioral30
Sample
synllc.github.io/synapse-x-documentation/mode-rust.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
synllc.github.io/synapse-x-documentation/print.html
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
synllc.github.io/synapse-x-documentation/print.html
Resource
win10v2004-20241007-en
General
-
Target
synllc.github.io/synapse-x-documentation/development/dev_introduction.html
-
Size
29KB
-
MD5
3f31a83e6a7c2dc6d821940e48be382b
-
SHA1
6de55c9f24a5382f149a5b72f914dc10e742fd3e
-
SHA256
5a9611c5533007b21c5e7e45507744e655ce77ee1b5751cb09ec00494064e0e3
-
SHA512
53226bf2fa4b7475f085cf5b184df0584c520d73abbc891d96d95dac3facf60cf5458cb9aabfa8a7c72df696d8878bb5d7feec96ae9e2f516153e2ca890659f4
-
SSDEEP
384:VJnxfrhuqSDfJsM0Il6Pof/oaADEcvVOjdjkOApO/nf4DaAbFtf0fXUCqZXYjoUr:VJJtRHTfnblK
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language IEXPLORE.EXE -
description ioc Process Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\IntelliForms iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{123B0251-9D59-11EF-98F1-4A174794FC88} = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\InternetRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\GPU iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\IETld\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Toolbar iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch IEXPLORE.EXE Set value (str) \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\PageSetup iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Zoom iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\SearchScopes iexplore.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2416 iexplore.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process 2416 iexplore.exe 2416 iexplore.exe 1644 IEXPLORE.EXE 1644 IEXPLORE.EXE 1644 IEXPLORE.EXE 1644 IEXPLORE.EXE -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2416 wrote to memory of 1644 2416 iexplore.exe 28 PID 2416 wrote to memory of 1644 2416 iexplore.exe 28 PID 2416 wrote to memory of 1644 2416 iexplore.exe 28 PID 2416 wrote to memory of 1644 2416 iexplore.exe 28
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\synllc.github.io\synapse-x-documentation\development\dev_introduction.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2416 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2416 CREDAT:275457 /prefetch:22⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1644
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5bce402d7cd0441cb8ce47ead968153cf
SHA1d174a537270f5deac35967fdda2cb7285e0d7a85
SHA25686d293b05428042312f4a29af2775420059b69e2eb53c8df1bf93208093e03d2
SHA51272997e1b86c6519d207080e4f697ac8a34d887f7bbcac91cd1f3ec2d789d1f0e5bcbee71733ce794180f4e859c8689e3e144f11b12c0c4405cef01d24f19500e
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD589be9a0b1d8a4344f8a3e384c427cc54
SHA1c009e826f95239a73d2fdbb9f760887c23e7d815
SHA256487a99fb3f3d4efbee8b436a56eb7681aaa2632ea27d98f8a9d42c377d20427d
SHA5122d3bf0d8238b67f468fcc6ec915e431d95da1a0325ebe85c8d73230f4a625cb60491d2da68ed1df7125bea0c54a65bffe4fb94d73c0e0866cc50ae2e40386606
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5847b19041615fed417242fa4f6980c1e
SHA1469088046c4210ef9a1348b8b7988ebd84c20e63
SHA256b5c30a80374e5bbc5318e1d5012a232064eca945104a3cc7acc16ce6b7f0a51b
SHA512a6c2360bb2e32b1bf9782b6852540262a8e98e705afc957b0f6f5c03819167715a98312b627d5974d3d210dba0fe8ef73444c6a53a30a1229a74e92699344dec
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5ff61d52eef1e3af945b94f1224e5deef
SHA10b4aa07981db00fda1e2dacf90fa2649c912e7f0
SHA256a7650ef6ec20b6d63da42db25904f6acf30f518cfe6b1f4bffcebdebb5d1ce1b
SHA512977b1bed12af64bccdefa59332019b9a183da587ee8fb4d26feb25990d71d4fb8394ec329ffbec8faa9af6d05da2d0a00b47075edc3b1dc133c55660bedc2ba9
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5c6fd65056a42a1af9a9493116d8f5f1d
SHA17782da6d360e1a2b6e918c9f66be12e98458d27d
SHA256497e1fdf32523f36c6f92861663c5d1939d2c8e37e77d1e8f07a7e545a52e1ee
SHA512ba29a89379e7debf99ed20ea7323bb72af9e2ca7e3d4d313cd45e52d2bb6c17373a533c3a79678b5ad85d414b4fa30391b33535ba457fb44eeceb7897025cea7
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5c25aed38eff5f5f69bf5fb9115881b2f
SHA1b7d2257625f0eb5d1fa35fa409cab1239812614d
SHA256fb3fe30e7c1d6739b93cdd59f9619fc96bee04b223c9bd6a8cbf0950df07bca9
SHA512acdcc8ebd73eefce2fc68dfed02144aa763dc9ad6bcd5fc3c92684d8fa748a92d6ea196772bf7f7a3a18c9701c517b89e1ce4cc606ec96f20d4da5c86cdf8e01
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5209a1bd9bae766f2df8b0d80dcf6e9ad
SHA16e415733e62f55e987ab712bed86315dcab06d36
SHA2569c21f9e1bf0b112aecbe9f9cc4305867cea339b7d3bddba2d267d50dd358dc16
SHA5123ceccad0abcd0a182e56f9e5c11a8d622fd467b60cc04dfd7ddbe55216a446033e2cb72f02a6de6e3206cace662e296bbfd9596979d0d82802ce0c31913d76b4
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5738d889494702452cd913f30fa0695e1
SHA174e6676f403a51f25e191b98d6598cb862bddffa
SHA256cc0cf3b5b89e291475bcf1077614a5cf99cfb17af1dd75ad7bf52dc1e1cb8670
SHA51281a5e327a278069ebb0b2b6156586229bd1bcf4beb9288ce6d76cae72546a619f3327ade91cb52d16670407759a1e08d35b93295f092c706b87e4423497bc515
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b