Solara[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Solara.zip
Size

27KB
MD5

718bc27a87337b85106dd87d7e007be5
SHA1

af1888167c81fd7ac1c6fd63c785fa6ca04af4f4
SHA256

6d4c9dd4ee5f52cdd3bb72635fd26c9cc596dc77ffa9261c7280e71f807d8e5c
SHA512

502095c0d5fb0bcebac2885b7cedef4360f9c4af5af6eb3e209e71add6a2d654805cd651340000acd700ce27b09b98af66d648d722a90329b984b9d572de62a5
SSDEEP

768:ukek/+lkfa54ol6ixHhAUZgtIvZ/w2Nir2HjX0qG0Vu:uZuwRIiHAUSMm2Yr2X0lb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Solara/SolaraBootstrapper.exe

Files

Solara.zip
.zip
Solara/SolaraBootstrapper.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Ashtin\Desktop\WTF\SolaraBootstrapper\SolaraBootstrapper\obj\Debug\SolaraBootstrapper.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Solara/scripts/ULTRA mod menu v1.0.lua
Solara/scripts/arsneal
Solara/workspace/IY_FE.iy