Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
10Static
static
3SynapseZ C...er.exe
windows11-21h2-x64
10SynapseZ C...7c.bin
windows11-21h2-x64
3SynapseZ C...Ek.exe
windows11-21h2-x64
3SynapseZ C...re.dll
windows11-21h2-x64
3SynapseZ C...ss.exe
windows11-21h2-x64
3SynapseZ C...re.dll
windows11-21h2-x64
3SynapseZ C...pf.dll
windows11-21h2-x64
3SynapseZ C...rp.dll
windows11-21h2-x64
3SynapseZ C...r.html
windows11-21h2-x64
3SynapseZ C...tt.exe
windows11-21h2-x64
3SynapseZ C...or.dll
windows11-21h2-x64
9SynapseZ C...lf.dll
windows11-21h2-x64
3SynapseZ C...47.dll
windows11-21h2-x64
3SynapseZ C...GL.dll
windows11-21h2-x64
3SynapseZ C...v2.dll
windows11-21h2-x64
3SynapseZ C...mp.exe
windows11-21h2-x64
9Analysis
-
max time kernel
7s -
platform
windows11-21h2_x64 -
resource
win11-20241007-en -
resource tags
arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system -
submitted
18/11/2024, 01:29
Static task
static1
Behavioral task
behavioral1
Sample
SynapseZ Cracked V5.2/Synapse X Launcher.exe
Resource
win11-20241023-en
Behavioral task
behavioral2
Sample
SynapseZ Cracked V5.2/auth/internal/3132e54eb7c.bin
Resource
win11-20241007-en
Behavioral task
behavioral3
Sample
SynapseZ Cracked V5.2/bin/359k6u5HUNL4tEk.exe
Resource
win11-20241007-en
Behavioral task
behavioral4
Sample
SynapseZ Cracked V5.2/bin/CefSharp.BrowserSubprocess.Core.dll
Resource
win11-20241007-en
Behavioral task
behavioral5
Sample
SynapseZ Cracked V5.2/bin/CefSharp.BrowserSubprocess.exe
Resource
win11-20241023-en
Behavioral task
behavioral6
Sample
SynapseZ Cracked V5.2/bin/CefSharp.Core.dll
Resource
win11-20241007-en
Behavioral task
behavioral7
Sample
SynapseZ Cracked V5.2/bin/CefSharp.Wpf.dll
Resource
win11-20241007-en
Behavioral task
behavioral8
Sample
SynapseZ Cracked V5.2/bin/CefSharp.dll
Resource
win11-20241007-en
Behavioral task
behavioral9
Sample
SynapseZ Cracked V5.2/bin/Editor.html
Resource
win11-20241007-en
Behavioral task
behavioral10
Sample
SynapseZ Cracked V5.2/bin/OoxIi8qtt.exe
Resource
win11-20241007-en
Behavioral task
behavioral11
Sample
SynapseZ Cracked V5.2/bin/SynapseInjector.dll
Resource
win11-20241007-en
Behavioral task
behavioral12
Sample
SynapseZ Cracked V5.2/bin/chrome_elf.dll
Resource
win11-20241007-en
Behavioral task
behavioral13
Sample
SynapseZ Cracked V5.2/bin/d3dcompiler_47.dll
Resource
win11-20241023-en
Behavioral task
behavioral14
Sample
SynapseZ Cracked V5.2/bin/libEGL.dll
Resource
win11-20241007-en
Behavioral task
behavioral15
Sample
SynapseZ Cracked V5.2/bin/libGLESv2.dll
Resource
win11-20241007-en
General
-
Target
SynapseZ Cracked V5.2/bin/CefSharp.Wpf.dll
-
Size
83KB
-
MD5
1533d9b2ed991ad4fecef548dc762565
-
SHA1
7a0664cc6bdc5ffd23c4aba43fa7b2acdfe949f4
-
SHA256
8e6e874d51f654c1c081cd1658a2e4ad8e3b92e74f9406e8c4eb34d354ab8791
-
SHA512
710677d3c6ebff9da638d22a3ae800eb12ba947aad9acb4e42f9e9268ade1b8dde680b4aa135121851285943aecc0fc9be85c5ca8a269d6857b35e905c7b7c12
-
SSDEEP
1536:VdX1kcRoMy1tkZBjxQVhfcmzedNTppNCSyh1FPmyGx8Nge8Fu/mGmDtcOd:VdFLoMk24ClwNge8FPGMf
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language rundll32.exe -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 1464 wrote to memory of 3948 1464 rundll32.exe 77 PID 1464 wrote to memory of 3948 1464 rundll32.exe 77 PID 1464 wrote to memory of 3948 1464 rundll32.exe 77
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\SynapseZ Cracked V5.2\bin\CefSharp.Wpf.dll",#11⤵
- Suspicious use of WriteProcessMemory
PID:1464 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\SynapseZ Cracked V5.2\bin\CefSharp.Wpf.dll",#12⤵
- System Location Discovery: System Language Discovery
PID:3948
-