SolaraB[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SolaraB.rar
Size

37KB
MD5

e87814c016493db79c785fec8d32cfa1
SHA1

11583b8c3bf647491c62c5b5cd4ea41b883d5d5f
SHA256

f0eac8dd116d1ba504902373f138fd94d5a1d76f5ba3d76ad78922701ae17509
SHA512

f456131a57360b70a3944a95e13e628c9209f126e182266a5b6f9d1a3a9324e688197b82a2a7ad3de7a6016434aef18f938f1a1e6a5bc218e1bcff30d6def494
SSDEEP

768:04BoFXLAX07vQ2TvfmolMoOVlgCko5mF/nykQTwDqE3TTbK+UwlisxTD8EtMPqh9:4G526ol/S+Jo5KfhQUZPisxTD8EMPqh9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SolaraB/Solara/SolaraBootstrapper.exe

Files

SolaraB.rar
.rar
DeleteMobPF.lua
.js
SolaraB/Solara/SolaraBootstrapper.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Ashtin\Desktop\WTF\SolaraBootstrapper\SolaraBootstrapper\obj\Debug\SolaraBootstrapper.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SolaraB/Solara/workspace/DarkHubKey-v4.1.DARKHUB
SolaraB/Solara/workspace/Homohack/PhantomForces/settings/autoload.txt
SolaraB/Solara/workspace/Homohack/PhantomForces/settings/nigger.json
SolaraB/Solara/workspace/IY_FE.iy
SolaraB/Solara/workspace/Invite.DARKHUB
SolaraB/Solara/workspace/ProjectBullshit.txt