Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
-
submitted
26-05-2024 20:48
General
-
Target
SolaraBootstrapper.exe
-
Size
20.6MB
-
MD5
85e8c5acfc113792ea950f0f9974dde6
-
SHA1
b98fd74d3e1f9277ba3fbdf70821c41bd8b553aa
-
SHA256
6b5bc20646f1d8c2b40dcaa0d716d6fa8aa25589c54043cf0fa547a21d10fcf4
-
SHA512
9e86d41b77de5e5290b3e66d75c620a2ca86d8166474ca743948b62e186d350433eecbd5c6c7212cdce24bf11d5ee7213127ecbd773ad9112af507747afeb021
-
SSDEEP
393216:1o9DM45Ct55L1V8dkurEUWj+rM6EGPKSUuK+:a9NMXRndbmM64S7K+
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\SolaraBootstrapper.exe"C:\Users\Admin\AppData\Local\Temp\SolaraBootstrapper.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\SolaraBootstrapper.exe"C:\Users\Admin\AppData\Local\Temp\SolaraBootstrapper.exe"2⤵
- Loads dropped DLL
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\_MEI20402\python312.dllFilesize
1.7MB
MD5fb8bedf8440eb432c9f3587b8114abc0
SHA1136bb4dd38a7f6cb3e2613910607131c97674f7c
SHA256cb627a3c89de8e114c95bda70e9e75c73310eb8af6cf3a937b1e3678c8f525b6
SHA512b632235d5f60370efa23f8c50170a8ac569ba3705ec3d515efcad14009e0641649ab0f2139f06868024d929defffffefb352bd2516e8cd084e11557b31e95a63
-
memory/3000-97-0x000007FEF6070000-0x000007FEF6735000-memory.dmpFilesize
6.8MB