General
Target: solara.exe
Size: 13.5MB
Sample: 240528-zvv5xscb6w
MD5: b634f18234995c6cf7d38241e7865800
SHA1: 9be000d196303ffcd57423633162416e7f3a1e64
SHA256: a4875928999e65e1d8c703b150f1931d80ba0ce66eb6593b79f67c55b6528058
SHA512: 5b50be5b1301ab311586399fc711834cc1650a834024d6808283030f88a9cb7c836c7b7baf5ea91b771c68889d69c430904c37a9c4ed6fd4a88041c074cc85cb
SSDEEP: 393216:zo9D2gf1jHix8rs99oZTuHhlsUs/QV6l0ooNXdKA9XWyCn5:U9J1jHo1Po8nsJDeooNXEIGP
Malware Config
Targets
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.