General

Target: Solara.Dir_4.zip
Size: 13.1MB
Sample: 240611-ma3ytatarb
MD5: 0ef2803e51d7a855a25615095fb3c3d6
SHA1: 6a611a7e5351cb9a9217aedeb7eaf90e12f0f88a
SHA256: 56c860462f30759c805c66f5154cb2d9b6a292c84bfdd1ec7ecfdfeaa824bf0f
SHA512: 3a08f74233fdacc5a7e2fe635a2745aa798ab81dff5a8e4fa81e4e8003ead66f8c6133d4d927b768cd84a023a274e4964fa6b7970cb5991e688bd62396884208
SSDEEP: 196608:iDqzkhlfTCMgEcjr7vv6i3rtw6dsCtxMWbq3xjnBiGGwMVeA43L+9lNVhtGcLcTT:iNNglrP/+2uQngjaXNV/GybGv
Behavioral task

behavioral1
Sample: Solara.Dir_4.zip
Resource: win7-20240221-en
Malware Config

Targets

Target: Solara.Dir_4.zip
Size: 13.1MB
MD5: 0ef2803e51d7a855a25615095fb3c3d6
SHA1: 6a611a7e5351cb9a9217aedeb7eaf90e12f0f88a
SHA256: 56c860462f30759c805c66f5154cb2d9b6a292c84bfdd1ec7ecfdfeaa824bf0f
SHA512: 3a08f74233fdacc5a7e2fe635a2745aa798ab81dff5a8e4fa81e4e8003ead66f8c6133d4d927b768cd84a023a274e4964fa6b7970cb5991e688bd62396884208
SSDEEP: 196608:iDqzkhlfTCMgEcjr7vv6i3rtw6dsCtxMWbq3xjnBiGGwMVeA43L+9lNVhtGcLcTT:iNNglrP/+2uQngjaXNV/GybGv
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  VirtualBox guests expose ACPI tables whose OEM ID is "VBOX__"; the table headers are mirrored into the registry under HKLM\HARDWARE\ACPI (DSDT, FADT, RSDT), so a sample that enumerates those keys is usually checking whether it runs inside a VM.
- Checks BIOS information in registry
  BIOS information (for example the SystemBiosVersion and VideoBiosVersion values under HKLM\HARDWARE\DESCRIPTION\System) is often read in order to detect sandboxing environments, because the firmware strings typically name the hypervisor.
- Legitimate hosting services abused for malware hosting/C2
  The sample contacts a legitimate, widely used hosting service; such traffic blends in with normal activity, so a domain-based block alone is not a reliable control.
- Suspicious use of NtSetInformationThreadHideFromDebugger
  NtSetInformationThread called with the ThreadHideFromDebugger information class (0x11) stops debug events from the calling thread reaching an attached debugger; legitimate software rarely needs this, so it is a strong anti-debugging indicator.
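To show what each of the four signatures above is matching on, here is an added example that is not the sandbox's own signature engine and not part of the report: a small classifier run over a constructed event trace. The one-line trace format ("registry|<key>", "api|<name>|<k=v,...>", "network|<host>") and the list of hosting services are assumptions made for the example; the registry paths and the ThreadHideFromDebugger class value (0x11) are the documented values the signatures rely on.

```python
"""Classify sandbox trace events into the anti-analysis signatures above.

Added example: this is not the sandbox's own signature engine. The trace
format and LEGIT_HOSTING_SUFFIXES are assumptions made for the example; the
registry paths and the ThreadHideFromDebugger value (0x11) are documented.
"""
import re

# VirtualBox guests expose ACPI tables whose OEM ID is "VBOX__"; the table
# headers are mirrored into the registry under these keys.
VBOX_ACPI_RE = re.compile(
    r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.IGNORECASE)

# Firmware strings that typically name the hypervisor (VBOX, VMware, QEMU, ...).
BIOS_INFO_RE = re.compile(
    r"^HKLM\\HARDWARE\\DESCRIPTION\\System\\"
    r"(SystemBiosVersion|VideoBiosVersion|SystemBiosDate)$", re.IGNORECASE)

# THREAD_INFORMATION_CLASS value that detaches the calling thread from a debugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Assumed (example-only) list of legitimate services often abused for payload hosting / C2.
LEGIT_HOSTING_SUFFIXES = ("cdn.discordapp.com", "raw.githubusercontent.com", "pastebin.com")

INFO_CLASS_RE = re.compile(r"ThreadInformationClass=(0x[0-9a-fA-F]+|\d+)")

SIGNATURE_NAMES = {
    "vbox_acpi": "Identifies VirtualBox via ACPI registry values (likely anti-VM)",
    "bios_info": "Checks BIOS information in registry",
    "legit_hosting": "Legitimate hosting services abused for malware hosting/C2",
    "hide_from_debugger": "Suspicious use of NtSetInformationThreadHideFromDebugger",
}


def classify_event(line):
    """Return the signature id a single trace event triggers, or None."""
    parts = line.strip().split("|")
    kind = parts[0]
    if kind == "registry" and len(parts) >= 2:
        key = parts[1]
        if VBOX_ACPI_RE.match(key):
            return "vbox_acpi"
        if BIOS_INFO_RE.match(key):
            return "bios_info"
    elif kind == "api" and len(parts) >= 3 and parts[1] == "NtSetInformationThread":
        # Only the ThreadHideFromDebugger class is suspicious; other classes
        # (priority, affinity, ...) are routine.
        m = INFO_CLASS_RE.search(parts[2])
        if m and int(m.group(1), 0) == THREAD_HIDE_FROM_DEBUGGER:
            return "hide_from_debugger"
    elif kind == "network" and len(parts) >= 2:
        host = parts[1].lower()
        if any(host == s or host.endswith("." + s) for s in LEGIT_HOSTING_SUFFIXES):
            return "legit_hosting"
    return None


def detect_signatures(trace):
    """Return the sorted set of signature ids triggered anywhere in a trace."""
    hits = set()
    for line in trace.splitlines():
        if line.strip():
            sig = classify_event(line)
            if sig:
                hits.add(sig)
    return sorted(hits)


# Constructed trace for the example; these are not events from the report above.
SAMPLE_TRACE = """\
registry|HKLM\\HARDWARE\\ACPI\\DSDT\\VBOX__
registry|HKLM\\HARDWARE\\DESCRIPTION\\System\\SystemBiosVersion
registry|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run
api|NtSetInformationThread|ThreadHandle=0xfffffffe,ThreadInformationClass=0x2
api|NtSetInformationThread|ThreadHandle=0xfffffffe,ThreadInformationClass=0x11
network|cdn.discordapp.com
network|example.org
"""

if __name__ == "__main__":
    for sig in detect_signatures(SAMPLE_TRACE):
        print(SIGNATURE_NAMES[sig])
```

Run against the constructed trace it reports all four signatures, while the benign Run-key read, the NtSetInformationThread call with a non-hiding class and the contact to example.org produce nothing. The same matching rules can be applied to a live trace from your own hooking or ETW pipeline, provided the events are normalised to the assumed one-line format.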