General
Target: SolaraBootrapper.exe
Size: 456KB
Sample: 240610-m1qfeagc8t
MD5: f69ce486fdd380c2555229632782cf33
SHA1: 2d0fcc652f0ed2ef98a6ca79267fe5ade3bfc2f3
SHA256: fe278313e0c1881d20de92eb25d7d54c3889302ab41a6dfd4bce7ef09ba1634a
SHA512: 37282041ba015c96b1db8fb156e3f28504d0266154e255c041dfc26b83358ec005e34c2e25b34650b0eb7700746639c6a7bbc68da2655a5ab8aec4e3f6d29f66
SSDEEP: 6144:ravR0hfwk3QY6sk2exgDe6VlWT8b90K1rBofjXz/b34nuM+V:GvGBZ3HDtrDPVle8HBo/LGuM4
Static task: static1
Behavioral task: behavioral1
  Sample: SolaraBootrapper.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: SolaraBootrapper.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: SolaraBootrapper.exe
Score: 7/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2