PUA_SUSP_Synchro_Remote_Access_Installer_Dec22_1

Rule Info

Description: Detects legitimate Synchro installers as used by several threat actors for remote accessing their victims
Score: 60
Date: 2022-12-09
Minimum Yara: 1.7
Name: PUA_SUSP_Synchro_Remote_Access_Installer_Dec22_1
Required Modules: []
Author: Florian Roth
Rule Hash: fa5acf44c431d55af34ba63819578b9f
Tags: ['SUSP', 'FILE']

Antivirus Verdicts

Rating: Number of Samples
Malicious (>= 10 engines): 16
Suspicious (< 10 engines): 18
Clean (0 engines): 14

Rule Matches


Rule Matches per Month (last 24 months)