SolarisUI[.]exe | Triage

Resubmissions

09-06-2024 08:57

240609-kwm4dagd2v 5

09-06-2024 08:48

240609-kqe6ksgc5x 5

Sharing

General

Target

SolarisUI.exe
Size

15.6MB
MD5

64b5925777fcb6377e17aa712c371ad1
SHA1

fc476273fce7a19e6088105062812884a0710dc5
SHA256

4a65b5036edd76920148def94a49fad17e80170b280c66d10a32efb4f4216ce6
SHA512

4108ddfa6c5b2c467886bfbf229506a0ce06ad2e9588c12a1b59000894e7434665075e5251f3a6146a5fb17a1cc40f3589db4942b09ab53c9cd922a90a1968c7
SSDEEP

393216:1IGfVyEqVntnwQuHb+jM3TKdaQYvwbL5SOUt4SA:+yK4Db+qTLF0A4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SolarisUI.exe

Files

SolarisUI.exe
.exe .ps1 windows:4 windows x64 arch:x64 polyglot

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 10.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sivy0
Size: - Virtual size: 11.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sivy1
Size: 15.5MB - Virtual size: 15.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ