C:\Users\Ashtin\Desktop\WTF\SolaraBootstrapper\SolaraBootstrapper\obj\Debug\SolaraBootstrapper.pdb
Static task
static1
General
-
Target
240613-tgchrszbmn_pw_infected.zip
-
Size
5KB
-
MD5
21d8e1913a318aed0c7b37cb144a077d
-
SHA1
419f485a297112587296732eefc6a5c6f5443f54
-
SHA256
bfe67e1a79d38ecc6d3464065e1c70b38fa19c57b6877a4536f40703b92bc386
-
SHA512
3a21c632d86d19543a4083a72ac5a45b09863132d04a3cd71f66c48adf039ae62e6e829b28172cd767711fe0ffdb29a6598ec3b9ef1d4ff695d7f25b39d64a17
-
SSDEEP
96:/s+PNqvcsiRkszSHeF8DGT8IQy65v76oejIFamFZbraDa:/tPNqteOeF5T8IQPTejI+a
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/SolaraBootstrapper.exe
Files
-
240613-tgchrszbmn_pw_infected.zip.zip
Password: infected
-
SolaraBootstrapper.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ