General

  • Target: Solar_X_Crack__Source-main.zip
  • Size: 21.6MB
  • Sample: 220904-b9t96sgcbp
  • MD5: 08e698ee3cf1e5d749bdf6bdc561c219
  • SHA1: e528759bf6ce912753343c2f2af95d468a6a6277
  • SHA256: 3ecaf86855b7c2073b869af427301d9785b850e4451c595320f9c7d4d1fa81d3
  • SHA512: c197f6db86fc7fe9b96101604a49f26db71f923f3387626f5bd1edca26f98a55b19ec605b82552a75f617f5ddc474f3a8233bf7e522d94021b59c95a069e21f5
  • SSDEEP: 393216:ivR55CwBjANnlQD0/ikc02eBN7ce2yljmqFizxYFir91BPoklgZ5TrM3s1RD4nlO:STMqANlmPk52e37Nzi8S7ngTfGyI8r

Targets

  • Target: Solar_X_Crack__Source-main/Bunifu_UI_v1.5.3.dll
  • Size: 516KB
  • MD5: 8cd9953ff0283305f3998f6893c7d244
  • SHA1: db906639e1b164bb813e3e94e548a4c5549bd36e
  • SHA256: 0a3f02ad6a8f319b352f4ab3222bd57d9699882db065fb344b9828243b1d0015
  • SHA512: 3121712026e63ae2c9df423c24511249895e773a5e56f3fd19dff89eefe58042c990afcd7ffba21bf9f181045b9b4d9f439c7e69114f0f9282adbd707558e133
  • SSDEEP: 12288:MykYXttq4mBpDetgo3DcHGF2HcvHWUSA9uN:iYi4Xt7zcHGFxI+uN
  • Score: 1/10

  • Target: Solar_X_Crack__Source-main/Guna.UI2.dll
  • Size: 2.3MB
  • MD5: b7cf1039d089511ff4594d0796dc966b
  • SHA1: e41d50c48f5381da01ed43967d1024fdaaeedd81
  • SHA256: 9143707613cfa106fc4d7177e6e9f8a544738989b6167cd6578101f1bdb0927a
  • SHA512: 6627a7a810c78a94ff1d52b14d071f8aabd71a2e6b521d2fcea7d865d94f5bcb1dd890f1b93b292035b20127507e32c11c215268e00510e5bf28c6132a4ce2a4
  • SSDEEP: 49152:DpR548WTt9kUHdvAmZL0Th+1n9fr2flQChRigKw1:54JErh0gz1
  • Score: 1/10

  • Target: Solar_X_Crack__Source-main/Solar X.exe
  • Size: 20.5MB
  • MD5: 1cc7fe4047ba6c4541c1dacd346d368d
  • SHA1: 067e9061fa68525d602e8e890641b470f210177b
  • SHA256: 3e7a6342fb74704d1fec21b70c653095d7a31b2c6aba7bf16d8c98b94af7dc1e
  • SHA512: d450466fea62f6dd1582e4808ddcdee6198292d91f70ad733499f484d849f186ece7f20288f16154188e0e35889989e676bfb17b548cc89a462d19b53a09420c
  • SSDEEP: 393216:axdyJhoonNK1obI/CL2Vmd6ml/m3pqc/eO47G99M9BJHORJjshFCYp4pMrPe6qww:azyJ+UY1h/CyVmdXKquP+1QjfyDVq5
  • Score: 7/10

    • Loads dropped DLL
    • Reads user/profile data of web browsers: infostealers often target stored browser data, which can include saved credentials and similar secrets.
    • Legitimate hosting services abused for malware hosting/C2
    • Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access: Credentials in Files (T1081), 1
  • Collection: Data from Local System (T1005), 1
  • Command and Control: Web Service (T1102), 1
