executeScript
inject
Static task
static1
1 signatures
General
-
Target
Solara.dll
-
Size
965KB
-
MD5
d1d1c5b97666f91a18f3993d39450a01
-
SHA1
13d35cdb56a2ef440d0605a945c4cf3ebe25cf20
-
SHA256
fd944c9070633dfc27544c0a3325a39cda027d77990629e7ba480b28767134be
-
SHA512
d41a1ead23128063348c33bb3fe30ba5574d6a4011d0edd73785b3a8725b2c47444bbf5ac0d9e504131025c01535a39be1dfd6fae515436d4818e31f6774217e
-
SSDEEP
24576:p9NJeK+6mo9HmDd9bgrid2NUYmd334LCv6oMDlDbG0N:h1m/bJdGm94LwYDlDbF
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Solara.dll
Files
-
Solara.dll.dll windows:6 windows x64 arch:x64
e50a052c8394c38de781947af4f71646
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
libcurl
curl_mime_free
curl_easy_cleanup
curl_easy_init
curl_free
curl_easy_escape
curl_easy_getinfo
curl_easy_perform
curl_easy_setopt
curl_version_info
curl_slist_free_all
curl_slist_append
kernel32
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualQueryEx
K32QueryWorkingSetEx
ReadProcessMemory
GetCurrentProcess
LocalAlloc
LocalFree
CloseHandle
WriteProcessMemory
VirtualAllocEx
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
GetExitCodeProcess
Sleep
QueryFullProcessImageNameW
IsDebuggerPresent
AllocConsole
SetConsoleTitleW
GetStdHandle
GetLastError
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
EnterCriticalSection
WakeAllConditionVariable
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
AreFileApisANSI
FormatMessageA
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
WideCharToMultiByte
SetFileInformationByHandle
GetFileAttributesExW
CopyFileW
GetFileInformationByHandleEx
MultiByteToWideChar
user32
OpenClipboard
SetClipboardData
CloseClipboard
MessageBoxA
EmptyClipboard
advapi32
SetSecurityDescriptorDacl
AddAccessDeniedAce
InitializeAcl
FreeSid
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetKernelObjectSecurity
msvcp140
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_do_broadcast_at_thread_exit
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?uncaught_exceptions@std@@YAHXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Thrd_detach
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_alloc@std@@YAXXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Throw_C_error@std@@YAXH@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memcpy
memcmp
__C_specific_handler
memchr
memmove
_purecall
__std_exception_destroy
__std_exception_copy
__std_terminate
__current_exception
_CxxThrowException
__std_type_info_destroy_list
memset
__current_exception_context
api-ms-win-crt-stdio-l1-1-0
freopen_s
__stdio_common_vsprintf
ungetc
fputc
fflush
__acrt_iob_func
fgetc
fclose
_get_stream_buffer_pointers
fread
fwrite
fgetpos
_fseeki64
fsetpos
setvbuf
api-ms-win-crt-runtime-l1-1-0
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_errno
_invalid_parameter_noinfo
_configure_narrow_argv
_seh_filter_dll
terminate
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_beginthreadex
api-ms-win-crt-heap-l1-1-0
_callnewh
malloc
free
api-ms-win-crt-convert-l1-1-0
strtol
strtod
mbstowcs
strtoul
atoi
strtoll
strtoull
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_unlock_file
api-ms-win-crt-string-l1-1-0
tolower
strspn
strcmp
strcpy_s
strnlen
api-ms-win-crt-math-l1-1-0
atan2
ceil
cos
cosh
exp
fmod
log
log10
sin
asin
sqrt
tan
tanh
round
log2
ldexp
pow
atan
floor
sinh
_dsign
_dclass
acos
api-ms-win-crt-locale-l1-1-0
localeconv
___lc_codepage_func
Exports
Exports
Sections
.text Size: 793KB - Virtual size: 793KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ