325046bc8a7d2539b624b03fc99c890b21637fced778dfc9732fb45399be76a1

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
02-01-2025 11:49

Target

SynapseX.exe
Size

42.9MB
MD5

7b3d941aea08723c7d37ebacef5fc9c3
SHA1

ff63cbef47d0dbaa4613bd805ab277063fd71001
SHA256

325046bc8a7d2539b624b03fc99c890b21637fced778dfc9732fb45399be76a1
SHA512

89d36a7fde032004787035d89c38e217083bad894e924f3d93a84ab01c45713e3b809f9a37f4784dbee42eb671fc33f5b18f4cab1c28085b33ca003094ba41ae
SSDEEP

786432:J6/0dbuzcY876N6Z6Zi6/9x9ta9eyq8OThzvcdpJ0q8TPZUd3GfuebvemvnDAV3s:o/0diE7pOiYweyJulZUdgbeEkV37U

Score

7^/10

upx

Loads dropped DLL 1 IoCs

pid	Process
2700	SynapseX.exe

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/files/0x0005000000019423-159.dat	upx
behavioral1/memory/2700-161-0x000007FEF5E40000-0x000007FEF6505000-memory.dmp	upx

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2068 wrote to memory of 2700	2068	SynapseX.exe	30
PID 2068 wrote to memory of 2700	2068	SynapseX.exe	30
PID 2068 wrote to memory of 2700	2068	SynapseX.exe	30

C:\Users\Admin\AppData\Local\Temp\SynapseX.exe
"C:\Users\Admin\AppData\Local\Temp\SynapseX.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2068
- C:\Users\Admin\AppData\Local\Temp\SynapseX.exe
  "C:\Users\Admin\AppData\Local\Temp\SynapseX.exe"
  2⤵
  - Loads dropped DLL
  PID:2700

C:\Users\Admin\AppData\Local\Temp\_MEI20682\python312.dll

Filesize
1.7MB

MD5
ca67f0baf3cc3b7dbb545cda57ba3d81

SHA1
5b4e36aef877307af8a8f78f3054d068d1a9ce89

SHA256
f804ed205e82003da6021ee6d2270733ca00992816e7e89ba13617c96dd0fba3

SHA512
a9f07dd02714c3efba436326425d443969018ace7ebd7cc33c39d43e3d45480a4fcd4c46c09ad132b4f273888f13e9f598de257130429fcb2519c000e4fab6f7

Download Submit
memory/2700-161-0x000007FEF5E40000-0x000007FEF6505000-memory.dmp

Filesize
6.8MB

Download