Resubmissions

01/12/2024, 04:04

241201-emxnka1kdm 3

03/11/2024, 22:19

241103-18mldawdjd 3

General

  • Target

    sym.rar

  • Size

    2.9MB

  • MD5

    50ec1ae76edd9b3efe22534f5d496595

  • SHA1

    06d73f242ea3217341313117e1630ab3593d251a

  • SHA256

    eefa4d55b1db8ce31f13dc1ff772282422c95bdf782ca0d023851647d48155e4

  • SHA512

    2d170b576ee6e493b6a458231732a68834c6b90657790a535e886c39aebdadbb39e4260e3460dd64be8fa9e3f7813b44b062a87a1f60a47c58ce2621977d451f

  • SSDEEP

    49152:3ncLKHB+EQMZCj0LGaIVupDMKnEjHn+rj4EkwRGEd+pC/w49Jazcsxy2e09qiiHU:3ncLKHPZCXVj+rjtRGa2C/14VxZeNXHU

Score
3/10

Malware Config

Signatures

  • Embeds OpenSSL 1 IoCs

    Embeds OpenSSL, may be used to circumvent TLS interception.

  • Unsigned PE 10 IoCs

    Checks for missing Authenticode signature.

Files

  • sym.rar
    .rar
  • sym - Copy/Bunifu_UI_v1.52.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • sym - Copy/FastColoredTextBox.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • sym - Copy/SynapseZAPI.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • sym - Copy/bin/Xeno.dll
    .dll windows:6 windows x64 arch:x64

    3a1f9d973bff43051a3daf411f707362



  • sym - Copy/bin/libcrypto-3-x64.dll
    .dll windows:6 windows x64 arch:x64

    680b5c239d82da8e527bf24b921948fd



  • sym - Copy/bin/libssl-3-x64.dll
    .dll windows:6 windows x64 arch:x64

    b14ebe784f458189a17382fee793f658



  • sym - Copy/bin/xxhash.dll
    .dll windows:6 windows x64 arch:x64

    fba6b233846a2ea5e6907e23b2de9a26



  • sym - Copy/bin/zstd.dll
    .dll windows:6 windows x64 arch:x64

    f32e8587cacdf9095c309b87f2877ebb



  • sym - Copy/cxapis.dll
    .dll windows:4 windows x64 arch:x64



  • sym - Copy/synapse m.exe
    .exe windows:4 windows x64 arch:x64



  • sym - Copy/synapse z 4.exe.config
  • sym - Copy/synapse z 4.pdb
  • sym - Copy/workspace/.tests/appendfile.txt
  • sym - Copy/workspace/.tests/getcustomasset.txt
  • sym - Copy/workspace/.tests/isfile.txt
  • sym - Copy/workspace/.tests/listfiles/test_1.txt
  • sym - Copy/workspace/.tests/listfiles/test_2.txt
  • sym - Copy/workspace/.tests/loadfile.txt
  • sym - Copy/workspace/.tests/readfile.txt
  • sym - Copy/workspace/.tests/writefile
  • sym - Copy/workspace/.tests/writefile.txt
  • sym - Copy/workspace/002c19202c9946e6047b0c6e0ad51f84-cache.lua
    .js
  • sym - Copy/workspace/IY_FE.iy
  • sym - Copy/workspace/SimpleSpy/Settings.json
  • sym - Copy/workspace/dex/deps_version.dat
  • sym - Copy/workspace/dex/rbx_api.dat
  • sym - Copy/workspace/dex/rbx_rmd.dat