General

Target: SolaraB (2).zip
Size: 6KB
Sample: 240615-lb1peavgph
MD5: cfa8b83f9b0be49c84123151a1b7e611
SHA1: 8b65ec5c9adcd3af9d94db2bfa5cc0c4bc8dd708
SHA256: a14170015ea46f9d7db5e90977543ae3dfb41b0913a5ffc41743e3a9589d96a6
SHA512: 7dfdca1fddca8960edc191467f155179dc9adcc281a9e14e8fa217f598cc2515bead2d4a423dc1c49b7bd608065cfeef6367ef2061ce20a5d890c10e8e087c7c
SSDEEP: 192:dRJ89Ip1i9nW1ADjQRYmfXBj1hfC95CM5wVddH:dRJ89Ini9nW1ejQqeRjvfQ5wvdH
Static task: static1

Behavioral task: behavioral1
Sample: SolaraB (2).zip
Resource: win10-20240404-en

Behavioral task: behavioral2
Sample: SolaraB/Solara/SolaraBootstrapper.exe
Resource: win10-20240404-en

Behavioral task: behavioral3
Sample: SolaraB/Solara/workspace/IY_FE.iy
Resource: win10-20240404-en
Malware Config

Targets

Target: SolaraB (2).zip
Size: 6KB
MD5: cfa8b83f9b0be49c84123151a1b7e611
SHA1: 8b65ec5c9adcd3af9d94db2bfa5cc0c4bc8dd708
SHA256: a14170015ea46f9d7db5e90977543ae3dfb41b0913a5ffc41743e3a9589d96a6
SHA512: 7dfdca1fddca8960edc191467f155179dc9adcc281a9e14e8fa217f598cc2515bead2d4a423dc1c49b7bd608065cfeef6367ef2061ce20a5d890c10e8e087c7c
SSDEEP: 192:dRJ89Ip1i9nW1ADjQRYmfXBj1hfC95CM5wVddH:dRJ89Ini9nW1ejQqeRjvfQ5wvdH
Score: 1/10

Target: SolaraB/Solara/SolaraBootstrapper.exe
Size: 13KB
MD5: 6557bd5240397f026e675afb78544a26
SHA1: 839e683bf68703d373b6eac246f19386bb181713
SHA256: a7fecfc225dfdd4e14dcd4d1b4ba1b9f8e4d1984f1cdd8cda3a9987e5d53c239
SHA512: f2399d34898a4c0c201372d2dd084ee66a66a1c3eae949e568421fe7edada697468ef81f4fcab2afd61eaf97bcb98d6ade2d97295e2f674e93116d142e892e97
SSDEEP: 192:konexQO0FoAWyEfJkVIaqaLHmr/XKT0ifnTJ1jvVXctNjA:HnexHAWyEfJoIaqayzKAifd1LVEj

Signatures:
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry (BIOS information is often read in order to detect sandboxing environments)
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger

Target: SolaraB/Solara/workspace/IY_FE.iy
Size: 539B
MD5: 291d5636a434c4f1ceb0f3f776c2a51f
SHA1: ae287e08f71c522a72812f0dace94b8ffb569341
SHA256: 73bb58ba5b81960caf5a8e66675cc89b5761b77db99c6ceb9435f7211d400452
SHA512: 7dab8034f85aef1b2b7a86cc8220ebdbb95a3f083d1565e1cff38414367aa69fc597a11aaba11dbef411e13fbfb285855d9c46ae59738f6e88c22dd55c81a743
Score: 3/10