General
-
Target
Solar_X_Crack__Source-main.zip
-
Size
21.6MB
-
Sample
220904-b9t96sgcbp
-
MD5
08e698ee3cf1e5d749bdf6bdc561c219
-
SHA1
e528759bf6ce912753343c2f2af95d468a6a6277
-
SHA256
3ecaf86855b7c2073b869af427301d9785b850e4451c595320f9c7d4d1fa81d3
-
SHA512
c197f6db86fc7fe9b96101604a49f26db71f923f3387626f5bd1edca26f98a55b19ec605b82552a75f617f5ddc474f3a8233bf7e522d94021b59c95a069e21f5
-
SSDEEP
393216:ivR55CwBjANnlQD0/ikc02eBN7ce2yljmqFizxYFir91BPoklgZ5TrM3s1RD4nlO:STMqANlmPk52e37Nzi8S7ngTfGyI8r
Behavioral task
behavioral1
Sample
Solar_X_Crack__Source-main/Bunifu_UI_v1.5.3.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral2
Sample
Solar_X_Crack__Source-main/Guna.UI2.dll
Resource
win10v2004-20220901-en
Malware Config
Targets
-
Target
Solar_X_Crack__Source-main/Bunifu_UI_v1.5.3.dll
-
Size
516KB
-
MD5
8cd9953ff0283305f3998f6893c7d244
-
SHA1
db906639e1b164bb813e3e94e548a4c5549bd36e
-
SHA256
0a3f02ad6a8f319b352f4ab3222bd57d9699882db065fb344b9828243b1d0015
-
SHA512
3121712026e63ae2c9df423c24511249895e773a5e56f3fd19dff89eefe58042c990afcd7ffba21bf9f181045b9b4d9f439c7e69114f0f9282adbd707558e133
-
SSDEEP
12288:MykYXttq4mBpDetgo3DcHGF2HcvHWUSA9uN:iYi4Xt7zcHGFxI+uN
Score 1/10
-
Target
Solar_X_Crack__Source-main/Guna.UI2.dll
-
Size
2.3MB
-
MD5
b7cf1039d089511ff4594d0796dc966b
-
SHA1
e41d50c48f5381da01ed43967d1024fdaaeedd81
-
SHA256
9143707613cfa106fc4d7177e6e9f8a544738989b6167cd6578101f1bdb0927a
-
SHA512
6627a7a810c78a94ff1d52b14d071f8aabd71a2e6b521d2fcea7d865d94f5bcb1dd890f1b93b292035b20127507e32c11c215268e00510e5bf28c6132a4ce2a4
-
SSDEEP
49152:DpR548WTt9kUHdvAmZL0Th+1n9fr2flQChRigKw1:54JErh0gz1
Score 1/10
-
Target
Solar_X_Crack__Source-main/Solar X.exe
-
Size
20.5MB
-
MD5
1cc7fe4047ba6c4541c1dacd346d368d
-
SHA1
067e9061fa68525d602e8e890641b470f210177b
-
SHA256
3e7a6342fb74704d1fec21b70c653095d7a31b2c6aba7bf16d8c98b94af7dc1e
-
SHA512
d450466fea62f6dd1582e4808ddcdee6198292d91f70ad733499f484d849f186ece7f20288f16154188e0e35889989e676bfb17b548cc89a462d19b53a09420c
-
SSDEEP
393216:axdyJhoonNK1obI/CL2Vmd6ml/m3pqc/eO47G99M9BJHORJjshFCYp4pMrPe6qww:azyJ+UY1h/CyVmdXKquP+1QjfyDVq5
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.