solarissetup[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

solarissetup.exe
Size

23.3MB
MD5

1d8dd924dd4788873d2190165d17d7f0
SHA1

15c2e265e17f0f26ba735356d57c3ddc41c83f17
SHA256

8ad15a940bf2e09ee9dc1166379dda776c41a0eed9a7fbffbd1e6e2818492ae2
SHA512

2e2f48df40688a5337cb64883f5632562ee3c5bee7355d5bbdfd75e585c9db66b4ca4e4962c280c0e4200ab25b5e9a9ed393393ee86195bf43433011922b8d33
SSDEEP

393216:P9xKq68b29GT1gTr94i9Eh3sk6QmCb/WFdDhKxdyXxfrmyYpaD+/zOJ302tfkzTz:Fx7bzT1gTrLm3skxOFHK7yXJiaK/6J3m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
solarissetup.exe

Files

solarissetup.exe
.exe windows:4 windows x86 arch:x86

c4dfd81799750b8216e23427ad6f5f1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

system
setlocale
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_controlfp
memcpy
memset
log10
_wfopen
fseek
fclose
wcsncpy
wcslen
wcscpy
wcscat
wcscmp
memmove
memcmp
_stricmp
sscanf
atoi
strlen
strcpy
strcat
sprintf
malloc
free
_wstat
_wcsdup
strcmp
_isnan
_finite
fread
longjmp
_setjmp3
ftell
_wcsicmp
wcsncmp
_snwprintf
tolower
floor
localtime
mktime
_wcsnicmp
_itow
gmtime
pow
??3@YAXPAX@Z
wcsstr
ceil
_CIpow
calloc
_errno
strrchr
strchr
strncpy
memchr
strncmp
_strdup
_close
_lseeki64
realloc
_snprintf
abort
_wopen
_setmode
wcschr
_open_osfhandle
wctomb
_get_osfhandle
_open
toupper
mbstowcs
time
qsort
ctime
strcspn
strftime
frexp
modf
fopen
strerror
atof
fflush
fwrite
__p__iob
fprintf
getenv
_stati64
_ftime
_vsnwprintf
cos
fmod
sin
abs

kernel32

GetSystemInfo
GetDiskFreeSpaceExW
HeapDestroy
ExitProcess
GetUserDefaultLangID
GetModuleHandleW
HeapCreate
CreateMutexW
LoadLibraryW
GetLastError
CloseHandle
FindResourceW
LoadResource
FreeLibrary
SizeofResource
LockResource
ExpandEnvironmentStringsW
GetCurrentProcess
GetStartupInfoA
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
CreateThread
HeapAlloc
HeapFree
Sleep
CreateFileW
GetFileSize
ReadFile
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
SetEnvironmentVariableW
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessW
GetModuleFileNameW
GetProfileStringW
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
SetEndOfFile
WriteFile
DeleteFileW
HeapReAlloc
GetVersionExW
SetLastError
FindFirstFileW
FindNextFileW
FindClose
SetFileAttributesW
RemoveDirectoryW
GetDriveTypeW
GetFileAttributesW
CopyFileW
GetTempPathW
MulDiv
GetLocalTime
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFree
GlobalAlloc
TlsFree
DeleteCriticalSection
InterlockedCompareExchange
InterlockedExchange
HeapSize
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetFileType
PeekNamedPipe
GetFileInformationByHandle
GetFileAttributesA
CreateFileA
GetExitCodeProcess
GetFullPathNameW
UnregisterWait
GetCurrentThread
RegisterWaitForSingleObject

user32

SendMessageW
GetSysColor
RedrawWindow
SetRect
GetWindowTextLengthW
GetWindowLongW
GetDlgCtrlID
GetActiveWindow
DestroyIcon
SetWindowLongW
UpdateLayeredWindow
IsWindowEnabled
IsWindowVisible
ExitWindowsEx
LoadIconW
RegisterClassExW
CreateWindowExW
BeginPaint
EndPaint
DefWindowProcW
MessageBoxW
PostMessageW
GetForegroundWindow
GetWindowThreadProcessId
EnableWindow
EnumWindows
SetWindowPos
GetWindowTextW
GetWindowRect
GetParent
MapWindowPoints
MoveWindow
InvalidateRect
DestroyWindow
GetDC
GetSystemMetrics
ReleaseDC
ScreenToClient
ClientToScreen
SetFocus
ShowWindow
CallWindowProcW
GetClientRect
FillRect
LoadCursorW
SetClassLongW
GetIconInfo
UpdateWindow
ReleaseCapture
DrawStateW
SetCapture
GetSysColorBrush
DrawTextW
ValidateRect
RemovePropW
SetPropW
GetWindow
GetAsyncKeyState
SetWindowTextW
GetPropW
SetScrollPos
InflateRect
GetWindowDC
SystemParametersInfoW
GetFocus
GetClassNameW
EnumPropsExW
RegisterClassW
AdjustWindowRectEx
UnregisterClassW
CreateAcceleratorTableW
GetMenu
DestroyAcceleratorTable
SetActiveWindow
IsZoomed
IsIconic
SetTimer
PeekMessageW
MsgWaitForMultipleObjects
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
KillTimer
DefFrameProcW
EnumChildWindows
GetKeyState
IsChild
RegisterWindowMessageW
CreateIconFromResourceEx
CreateIconFromResource
CharLowerW
DrawIconEx

gdi32

StartDocW
GetMapMode
SetMapMode
GetDeviceCaps
DPtoLP
StartPage
EndPage
EndDoc
SetBkColor
GetStockObject
CreateDCW
SelectObject
GetTextExtentPoint32W
GetObjectType
GetObjectW
DeleteObject
SetTextColor
ExcludeClipRect
CreateFontIndirectW
CreateSolidBrush
SelectClipRgn
CreateRectRgnIndirect
GetClipRgn
ExtSelectClipRgn
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
GdiGetBatchLimit
GdiSetBatchLimit
BitBlt
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateDIBSection
CreateBitmap
SetPixel
GetDIBits
CreateFontW
SetBkMode
SetTextAlign
TextOutW
GetTextMetricsW
GetPixel

comdlg32

PrintDlgW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptCreateHash

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid
StringFromGUID2
RevokeDragDrop

shell32

ord165
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
SHBrowseForFolderW
ExtractIconW
ShellExecuteExW

gdiplus

GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeleteMatrix
GdipDeletePen
GdipDeleteStringFormat
GdipFree
GdipGetDpiX
GdipGetDpiY

comctl32

InitCommonControlsEx
ImageList_Replace
ImageList_Add
ImageList_ReplaceIcon
ImageList_Remove
ImageList_AddMasked
ImageList_Destroy
ImageList_Create

Sections

.text
Size: 777KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4dfd81799750b8216e23427ad6f5f1c

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comdlg32

advapi32

ole32

shell32

gdiplus

comctl32

Sections

.text Size: 777KB - Virtual size: 776KB

.rdata Size: 90KB - Virtual size: 90KB

.eh_fram Size: 22KB - Virtual size: 21KB

.data Size: 56KB - Virtual size: 63KB

.rsrc Size: 15KB - Virtual size: 16KB

.text
Size: 777KB - Virtual size: 776KB

.rdata
Size: 90KB - Virtual size: 90KB

.eh_fram
Size: 22KB - Virtual size: 21KB

.data
Size: 56KB - Virtual size: 63KB

.rsrc
Size: 15KB - Virtual size: 16KB