Static task: static1
Behavioral task: behavioral1
Sample: solarmarker04272022.dll
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: solarmarker04272022.dll
Resource: win10v2004-20220414-en
General
Target: solarmarker04272022.dll
Size: 759KB
MD5: 0e268f4bd242624bbdbce42fa71ca222
SHA1: dae42bc4869bdc5417f8805615e8072e050158eb
SHA256: 56be46171da5aa65aa8ad5eec2252259fb8f9a3539c821377de357af7e459041
SHA512: a7de3a4ea19f0fdcb0d8a735d7dabe681d29fcc9d06b7b2cde150c237f119ec72b2c03a9543f8f35e735ba9c4d4de0a07a78f127df250e5cbca70450dd202279
SSDEEP: 12288:CpHkCC+/FEYhb/HyyOS7PMDA3BZXlLqxNJtuUhFbg/hYu:6HY8Emb/POS7PMDA33gxwUhVwy
Malware Config
Extracted
jupyter
http://37.120.247.120
Signatures
Jupyter family
Files
solarmarker04272022.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorDllMain
Sections
.text Size: 412KB - Virtual size: 412KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 346KB - Virtual size: 345KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ