Solaris[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Solaris.exe
Size

140KB
MD5

1b73ed1a41b55a5483d4b1859d5f6331
SHA1

7f3bc80c483ea05a4904415f3da73090be6fc2dc
SHA256

0b3e82184deec0f42b5cf93c3faa286d89a7244c17e1895bf3075a38e67be701
SHA512

8865d259c90c8ff1fa1c7c5d40e336516381e54b9ed669b37b01c02cd99b1bb203deeeb042ae03446fe90677dc4a778b5a19f6fd28493be2550bf1cc972388d3
SSDEEP

3072:BNQaLbCu+vYDlyHCk/KyUuRdLDhwHeL7nxBUvXvtaIA2XPks0WriO:1J+vYDlyHCk/TUuRvL7xocIAwPkv4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Solaris.exe

Files

Solaris.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administradoor\Desktop\Solaris Source\obj\Release\net472\Solaris.pdb

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ