d87d6cf111482f9fd91afac59991c95ddf8d84e6987d550beb3cb221f4bdbc51

Sharing

Copy URL

Twitter E-mail

General

Target

Solara-main.zip
Size

12.9MB
Sample

240625-qyzg3sshqe
MD5

0174853f03130aa28981e8443d78fec4
SHA1

ea268adffbd1ebbf8b73fa39454ba0f0e4b5ebc3
SHA256

d87d6cf111482f9fd91afac59991c95ddf8d84e6987d550beb3cb221f4bdbc51
SHA512

acf9154351369e8bedc4aa6b155b319b24d6f60e0afc39dd45218353303c45f59f925efc0ef9fe7936bfafb7e1f5ec89e54a9c76c1c12a3dbcb9005308ab8f3f
SSDEEP

393216:V3GHq4YxIdtcdHP/k0NovtlRXKsPBKxn9J44DJ595N/:ZG3YxstcJovth89J4MB

Score

9^/10

Malware Config

Targets

- Target
  
  Solara-main.zip
- Size
  
  12.9MB
- MD5
  
  0174853f03130aa28981e8443d78fec4
- SHA1
  
  ea268adffbd1ebbf8b73fa39454ba0f0e4b5ebc3
- SHA256
  
  d87d6cf111482f9fd91afac59991c95ddf8d84e6987d550beb3cb221f4bdbc51
- SHA512
  
  acf9154351369e8bedc4aa6b155b319b24d6f60e0afc39dd45218353303c45f59f925efc0ef9fe7936bfafb7e1f5ec89e54a9c76c1c12a3dbcb9005308ab8f3f
- SSDEEP
  
  393216:V3GHq4YxIdtcdHP/k0NovtlRXKsPBKxn9J44DJ595N/:ZG3YxstcJovth89J4MB
Score

1^/10
behavioral1
- Target
  
  Solara-main/Files/Solara.Dir.zip
- Size
  
  12.8MB
- MD5
  
  2edce30b0099ff53fa4e2c6a566683dd
- SHA1
  
  c5073968d2520fc3d1842e84969555e5a9d2093f
- SHA256
  
  0b99d4c2358f08dabf75fad4ab8259aada47b7c5ea9934a6eddb31ba216396f7
- SHA512
  
  124adc62a32bdc9231c24b6f03ee638ef0fb8e313c3e1b095811749bbe5740d4447e3fc5a18d4cdb2316a907bf14cb3fcbc6db686413741b82af88452a45402b
- SSDEEP
  
  393216:g/qZKYa56V7nepxN+TwIWgnJJNV/GybGr:0q7a5W7ne0wUNBX0
Score

1^/10
behavioral2
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/content-disposition/README.md
- Size
  
  5KB
- MD5
  
  cbd415ae5e4605f9ce13640c323d8aaf
- SHA1
  
  e1d109d584a63de2418adfd8fb59b298d0d9368e
- SHA256
  
  871c5ec648b67ad1a5791c6c4f95e5bb5df78ecc9aae0a3387e2a08e068c6968
- SHA512
  
  4454179d3ddeeb49393df168db1867d19054c44b60e1da5ff5555d26a8f0ba9cc5f3d5dadce76ebcf0110924c440a10e01969ff701076a38a2ff8673db6325d9
- SSDEEP
  
  96:eXCnQ5B17X/AU4M58ZBB/WfUt41lFXTpGa+O/iOu:eyAFXz58ZBMT1l9bru
Score

3^/10

execution
behavioral3
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/content-disposition/index.js
- Size
  
  10KB
- MD5
  
  43a307ff7de26dbec523ec966c434f94
- SHA1
  
  ed7f187b72a7b1f81d113bad5aa9347c242120d5
- SHA256
  
  e86a88a5d1a9dd74faa753ca4e47a78e38ae930f3206e5e887cf6cb0ad70cbf8
- SHA512
  
  79c073d3f0dea6c1606029b9a476cdce30ebbfb7b6ca95935a2e3f2cc97e70f3f00dbe8b7067beea78dae120f4941e60a7aa26592cff18e5cdf56f335127092d
- SSDEEP
  
  192:NnPSCe5ZBHNVzX1t6/khk3bnEm+4qcVupDAGJvyAJK:NnPSD5ZBttXbMqenircgDAwrK
Score

3^/10

execution
behavioral4
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/content-type/README.md
- Size
  
  2KB
- MD5
  
  cb19c8aba870601aee363ac2302da33d
- SHA1
  
  f41b2b41f354438d6ed00d1d028b54a93fa15862
- SHA256
  
  8793880cbc4fd7294dff8562b71d9381ea1c0557422b66007920415ba439486e
- SHA512
  
  58991d9dcc472f56d93bf69b65ef6c5d0b1f4ad0a094a812411e75d32adbe9a54ffb3739ddeb71dced591bf2be220740bc17aff7e9087069c0dce94a99b3468f
Score

3^/10

execution
behavioral5
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/content-type/index.js
- Size
  
  4KB
- MD5
  
  4781c7ea0309edac61c3a36e3ea9da10
- SHA1
  
  1b6e7e8d1963ce958cf0f225223fadb5ef12f86d
- SHA256
  
  7d76ae0f8ecc0a8c053de97b0f695f3fa3df33f692d1bd241307995304e5f63d
- SHA512
  
  d458f8962f44ec30bf519a54aef063960d9cac2a954493383fc2ef46781c3244740f18c7daf1821b4e0babbd56b356228f7247ce40de9f3276de91a71c66c78c
- SSDEEP
  
  96:CJFvvhHgqZlI8IDzdlalSqZf/gf6GosMySqUqMGa9Nw+j0i8L:CJFHhAqbI8IdUYVhvJMG6Yii
Score

3^/10

execution
behavioral6
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/cookie-signature/Readme.md
- Size
  
  1KB
- MD5
  
  57ae8b42de3dd0c1f22d5f4cf191e15a
- SHA1
  
  eedf0ded937f36b8ff5054a5b08cf38fdc241deb
- SHA256
  
  1621ed10d0b2f865eb8608e0474a356cf7a9737a384b6593b61b30a9f6e50366
- SHA512
  
  c725e8c112ae4ffb9593c512636d1c9208cf10bfb055901a00d0dc892c95617ad3300829256972bb3996914b085d0a862207d214d0f9342741135d7e1e0ecb91
Score

3^/10

execution
behavioral7
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/cookie-signature/index.js
- Size
  
  1KB
- MD5
  
  a9634aa95d321b9a6d90bec5d3d23937
- SHA1
  
  bb5c2c0a463aa10074caf991f67681231b1f0c21
- SHA256
  
  8d762862020064468b4af17e561ee1ee29d9d55311a1c19d958c4ff2be912963
- SHA512
  
  214e27edb4367aa2ef322c4d857a918ebd57bc825646184f90fa6911f830b3755fce1fdff30a5d231ea11ba4ddd82b4f2afc36451289f0b4334c445e9a26dc48
Score

3^/10

execution
behavioral8
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/cookie/README.md
- Size
  
  11KB
- MD5
  
  683e2286b5cb5bd1b4b36866f573a29f
- SHA1
  
  a4d68d3f76512c87cfbcf6a6e553876d1980a6e8
- SHA256
  
  ba8b36c7d860d6ef37887b6ef496a486e91aefe5229f65157cc8b44725b9bec5
- SHA512
  
  8f6fa08988cabc1d90f6523d3ca2d09e89622aecbf2e954e67241a076f43d3db0eca3bb16b28cd0259e851305631f8dc42299a78aa400ce0623ac90b7c56c218
- SSDEEP
  
  192:gC6nTuN1D5AKINreMblbEnV4zrhw5lPOkRHPL+gqdd7SHlxlmzrMtCT8+cNkq:QuN1D+9eMbFES36RHPL+b8xQTimq
Score

3^/10

execution
behavioral9
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/cookie/index.js
- Size
  
  5KB
- MD5
  
  db5deda6183845891fe9b5667cde042d
- SHA1
  
  ee23ab87c951b0d3e3cdf1d6072a126a84491335
- SHA256
  
  9fd02358eabdf6c27b388dfdff94061655620a352253bfc5b01ee4cc30ca36b5
- SHA512
  
  1b6957f2ef28c5d4e14e02e8d6fea08d7210c0f2eb9de4788799fcc57d806998448622145ca45f0f605db447d97be982c62211535bf421d8c02d9e384e7db339
- SSDEEP
  
  96:sdChhqAp9V3vGycd6mDxj64MRHMqwa+8g+3ndAVVJiN9B2RQhAh++xctZt1Y1JzI:G+hqmP3ObxlvodnwRQhAU+it9szI
Score

3^/10

execution
behavioral10
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/debug/README.md
- Size
  
  17KB
- MD5
  
  03694893d682191b3c893701ba6f4a55
- SHA1
  
  38096a9c10830714695a97a8501b817eb0a7534e
- SHA256
  
  cda3dbd285a2b65894758565a565e7bc2e7c3696225af7b5bd01454240df0aea
- SHA512
  
  3b80ea8a912ec4ddf1a1e2fc3f3ebd8f4bc6f591f9b2732694cb5627c549d7911c1a6eb82ab68ac025e13e090b3e39b8b4ae66a9159f45696b6343ce76213f54
- SSDEEP
  
  192:H6R76Zbt7yJXxRrHQbSb4BDyzWM/XAoxIM6jep2JVhgu9o8ZT/ueXBEgdjaSjVwo:U7DxRrqB4rxIMajJVeqaxq3
Score

3^/10

execution
behavioral11
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/debug/karma.conf.js
- Size
  
  1KB
- MD5
  
  06f3babbdc43c6c4dd1493b6c1af32e2
- SHA1
  
  93fef7cf3ed6f04d2cfc3cd0b8d5d972d35cfd29
- SHA256
  
  2430869adb61a5e24a3612110a9b49a948e6db43ab7e947c003a9c19c478e609
- SHA512
  
  ad65132ed6f675f6f318fefa36f4e6c23f3ff4dc47d02575f6d5bef7b062a2e90aea1a43dd5327c2565be3d834c969ff2ae3efdb2add4a958882a6f056f659ea
Score

3^/10

execution
behavioral12
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/express/package.json
- Size
  
  2KB
- MD5
  
  3b5b76b70b0a549dce72c5a02756d2a8
- SHA1
  
  07786baebb5c52882e28a8bd281c9a36d63dd116
- SHA256
  
  bdd67333ab62b0bfeb10ecbbb23936db57b743a3eec580a354591fdf63334859
- SHA512
  
  bb266dfa725421fb26d26fda0f45a5fa5cd832667b05f27ceaf4e7fc1e032aeea8700493cfdd2941c3c38cd166eee1000d2b9ae3ddef375714e25a2027a943a3
Score

3^/10
behavioral13
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/finalhandler/HISTORY.md
- Size
  
  4KB
- MD5
  
  061c80fd951e66dfb115a351a3f7547e
- SHA1
  
  8c8b29df85b7d82d17361838d822d9c464d733c2
- SHA256
  
  5c7065d29a2710c69516308350a51a140dedd0e4527f27578405087010cd4b7f
- SHA512
  
  00ae061b93bd3f7143a55922083f16ae281852332e5d1cee867417fc1b1189400def1e6700fb03ef304d0899e31c1e23f1d38cfc6c6efa14a9466958650359a7
- SSDEEP
  
  96:va4n4/AwRx8+ebFj6JJPdYXH+rtn6oZBn:C4n73d6BYXcBT3
Score

3^/10
behavioral14
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/finalhandler/LICENSE
- Size
  
  1KB
- MD5
  
  462b10b32bb9175b97944aabef4aa171
- SHA1
  
  d07c312c66be4bddaba627e873b9e0c5ecba7cd4
- SHA256
  
  47dcccf62bf40469d23849b0b1dc8df9fc91bce219b880c638d4dc4596e6b5cf
- SHA512
  
  ef8dc7ac579171278a483d216628c695f451eadcc2da1db672e7451cfcb1407c5ade28ea7bd2b7f91bb2e29bf0d8a637f550955d648f917a1eb2a93f8e93ba1f
Score

1^/10
behavioral15
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/finalhandler/SECURITY.md
- Size
  
  1KB
- MD5
  
  8c218c1d06fdde7cbb4926ca8a11144f
- SHA1
  
  3b7d36c55ac91ecddd14cebb0f8eb158b443d776
- SHA256
  
  d0366646babeb58ff9cb81d794063822b86bd3f3c12e96133c9f55a0812891cd
- SHA512
  
  bd882a7e1650d032543ad58675faf52139e1b21c4b3fb809ab7f2d397c5988c0b0c1e1840ba755c78fba757d36d011b0a6039c37f08770aff76844c26d498213
Score

3^/10
behavioral16
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/finalhandler/package.json
- Size
  
  1KB
- MD5
  
  3d09ac571e0b6eaf8fdb9806118b6d30
- SHA1
  
  eb758bb6a7d3e4f32f0fa2f941265678539e74f1
- SHA256
  
  243d853d4386c4132508ae9a99e5176b25be7f5cb6967bc1bab241f20e937e72
- SHA512
  
  0207cf364e3eac974cae61ec68fe3975fd1f1eb6150f51293ce67f62dbb0f27a3d9c193101ef282dcd099fc653ca73cd3c875c18e5e266964038e3334697b5b4
Score

3^/10
behavioral17
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/forwarded/HISTORY.md
- Size
  
  400B
- MD5
  
  ba854f852a81318ea0356f4286e20dab
- SHA1
  
  bd0efe669ad506ab258bb461d1444d74dd288ce5
- SHA256
  
  16a998adf118889eee706826b2d3bc50b0d6ef228d81eb94a64b47b72d95a398
- SHA512
  
  64419f572a5b1d243e1a2e7cfb8ca2eec6fa4e472311b76dcd21a0ed64e8a174c31992a06828813aadfac230b7e23823198203bf2af7235f73b4755bcd2da2b1
Score

3^/10
behavioral18
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/forwarded/LICENSE
- Size
  
  1KB
- MD5
  
  13babc4f212ce635d68da544339c962b
- SHA1
  
  4881ad2ec8eb2470a7049421047c6d076f48f1de
- SHA256
  
  bd47ce7b88c7759630d1e2b9fcfa170a0f1fde522be09e13fb1581a79d090400
- SHA512
  
  40e30174433408e0e2ed46d24373b12def47f545d9183b7bce28d4ddd8c8bb528075c7f20e118f37661db9f1bba358999d81a14425eb3e0a4a20865dfcb53182
Score

1^/10
behavioral19
- Target
  
  Solara.Dir/Monaco/fileaccess/node_modules/forwarded/package.json
- Size
  
  1KB
- MD5
  
  e7df15eb8d27abec5607f111411a9df1
- SHA1
  
  5d558cad52024d41373ae030c0d7ff67e8dfd7fe
- SHA256
  
  550a78f64b6a76bc353d6a10152af5750613d0d910f8478943176c1a6196158a
- SHA512
  
  e589265c66cdfb98acae434c3a7c77236a594f3b43749a65246a6290d0771c4b5f7dfbaf0a19a37002c5b905faf427065d4e4a3428f4d549c7cb5cd372fa09fc
Score

3^/10
behavioral20
- Target
  
  Solara.Dir/Monaco/vs/editor/contrib/suggest/media/string_16x.svg
- Size
  
  4KB
- MD5
  
  48e754cb54c78a85dcc9aaea9a27847e
- SHA1
  
  8d79b23037deb6586e4954305dcb4caee14afbd2
- SHA256
  
  d1aa361f33564e8f9d527a01a66c7ce35d73f23417432e80ddf51f562770ee79
- SHA512
  
  f6d902b5c73b59636cb71d4019ff45cb77532bf22aab28a8314697e24a62163a94140c97495ad5ce421c09c26e4bcbfe5a815eae27e945c51ccd80c2ba9c3a77
- SSDEEP
  
  48:CnN6wkEX+c9Vlt4AFCj93Z0hDC7hSBnukNyhDFtrJGuG2XvS+yZCahDC7hSBnhKm:zJWFCMcfkCFGE6+yZCacJImkArbbqrAm
Score

1^/10
behavioral21
- Target
  
  Solara.Dir/Monaco/vs/editor/contrib/suggest/media/string_inverse_16x.svg
- Size
  
  4KB
- MD5
  
  6e5c0ce7ec09969f07ea6ee078ef8ad6
- SHA1
  
  deadc5357a26852d872bffa77d1aa19108603b25
- SHA256
  
  7d23c0f30cb9c05c81bb15785a3299772ae3cfbe51f3e04895aa1f23ffbeba5b
- SHA512
  
  2b02cb82f9e4720ee43bfc8b7fe5d6de38228329aafbedb589d5a219057c15f073023deca3c1ca5b65cea4a4f0d863ebd88c889b1d67119639fae2ce180863bf
- SSDEEP
  
  48:Cn7wkEX+c9Vlt4AFCj93Z0hDC7hSBnukNyhDFtrJGuG2XvS+yZCahDC7hSBnhKHG:EJWFCMcfkCFGE6+yZCacJImkArbbqrAm
Score

1^/10
behavioral22
- Target
  
  Solara.Dir/Monaco/vs/editor/editor.main.css
- Size
  
  171KB
- MD5
  
  233217455a3ef3604bf4942024b94f98
- SHA1
  
  95cd3ce46f4ca65708ec25d59dddbfa3fc44e143
- SHA256
  
  2ec118616a1370e7c37342da85834ca1819400c28f83abfcbbb1ef50b51f7701
- SHA512
  
  6f4cb7b88673666b7dc1beab3ec2aec4d7d353e6da9f6f14ed2fee8848c7da34ee5060d9eb34ecbb5db71b5b98e3f8582c09ef3efe4f2d9d3135dea87d497455
- SSDEEP
  
  1536:ZxP4PUPVP0PAPeMi76Q4TVq5bbhLynlDTkDatDF8Jmmvgs0aMJkn:p2bIRkDSYmmvgs0aMJK
Score

3^/10
behavioral23
- Target
  
  Solara.Dir/Monaco/vs/editor/standalone/browser/quickopen/symbol-sprite.svg
- Size
  
  20KB
- MD5
  
  649fb0a55b0e0fc9d79e6b7872a14c10
- SHA1
  
  b33619c9dfd65d3f2e5a5fcb767a752123d51607
- SHA256
  
  fcc3026b97068f3d9e1743d36ca26b96ffdbcd2841fa9d804caccc4f249911c8
- SHA512
  
  3fb4b07e9313b69c84f887c9ca0464e4c8d06a98a8f2ad7d0b48452d068bd526004c21633d0279b4b5e17ad882acf8c7e99b4c3e7650be43b495b670a87d0cbd
- SSDEEP
  
  384:cyPJZCcKWPJuCNoSmvcar1PNY6g2HdSjEc3/WD3:DCdCNkvcaQ6x9SjES/W7
Score

1^/10
behavioral24
- Target
  
  Solara.Dir/bin/version.txt
- Size
  
  4B
- MD5
  
  8226187238b1431e1efc60d9793abc1b
- SHA1
  
  e6e37a1ce19e3de111af831eedab186697c13536
- SHA256
  
  4724079503299cf1abc274182a50ac8108d1ce27aec710847e9cd5aeae8cbc1c
- SHA512
  
  8fe3f84ac265ce196e59f754ee3335528d98244c76b96dc4902fbdc61923c818b9823cd9d8d6763ac260bf682d780c1765ebf1892e25611d9f1291c032cb8ae0
Score

1^/10
behavioral25
- Target
  
  Solara-main/Files/SolaraB.zip
- Size
  
  5KB
- MD5
  
  4ec8143b6dbe27870cf8333711ff5096
- SHA1
  
  693d467ebec348469011ffef1bd370b113653147
- SHA256
  
  2510be907ec476e8375ac7b5431536ae9a32bf99fe77ab695a5100852b111b96
- SHA512
  
  b513d2b9c63d999ccf459cea625bfdc481e44f0f3222996182a0d0d89fdb97ed754b927c7a429e43b96f13d2fc73e2860edca78b162a41101ae97e1a0f4e054e
- SSDEEP
  
  96:Kb43b11j3vs+ieHBgcCXhzWYQ1NJGQ7S8SnV8xT/KiFlg5YNwMHv5F:Kb4rEKhgcghDY4Q7WV8t/VG1o
Score

1^/10
behavioral26
- Target
  
  Solara-main/Files/SolaraB2.zip
- Size
  
  278KB
- MD5
  
  ea418b261e24a56105a6d328b60e9cc7
- SHA1
  
  4f89568a40fff23b381eb1009a764cc7eaf6580c
- SHA256
  
  da9098d4713d46c44b95758bdf17e3d2fa1633b3130c7be47b7111132dc051ff
- SHA512
  
  95a04802ae713e00940b6ddb55bc75ea7d3450cf31b5fb9d55f0b44aa3629bbf2695d979e1cdef244b4df987db89475cb7185f648cdaffbaa8189e3187dcc8de
- SSDEEP
  
  6144:eZJBeDFmH5elET2OhI16sf2YtiQFhL+SV0zZ5NnFJw:IJkFmH36h6seLQFhwfw
Score

1^/10
behavioral27
- Target
  
  Solara-main/Files/SolaraBootstrapper.exe
- Size
  
  13KB
- MD5
  
  0cc81729f4bd4a6eac95cc442bc8df2a
- SHA1
  
  5d5f367e720684dd64cfb5340d9911ec0782fdac
- SHA256
  
  92960ae4a38d896418a14a1db5ba1547aa273443790e858d00dac4ce64550c2a
- SHA512
  
  f6fc1fca47e4620e24652d8dc2aa88cdd7363172b31122c05d262349aeec88407a2b3fbbc4e4834c359960d4981fb9f674cfbfd9d5743dc917df72a3ebfb3c90
- SSDEEP
  
  192:+ZnqvqiVx1BLO77IaqaLHmr/XKTxnTjw1hOPVXmNjA:0nCVxoIaqayzKtnw1h6VKj
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral28
- Target
  
  Solara-main/Storage/Drawing.lua
- Size
  
  15KB
- MD5
  
  2188315d9feaadaff6b9da788881eb1c
- SHA1
  
  d2d321f24fd51d049c4d5355cac26f744a4b49ad
- SHA256
  
  36c9b16d8fe02a7b5f7e874056158bb80f11d9787955785b71dcabfcf0b7876c
- SHA512
  
  543daf72639b642a9ca9a8c249ad2f877a2781975da0db3008c3777cb57ae265dc0d5f4f0bd0c597f370907e6a05a31097ed6256373a50c936d60173148e4092
- SSDEEP
  
  384:EDQBXf8WDP8g8KUy1qjoRpR9K3CYoj4jRayhfuojrADopXMF6:KQBP8Wz1qjXoj4j/4ojHB
Score

3^/10

execution
behavioral29
- Target
  
  Solara-main/Storage/docs.txt
- Size
  
  10KB
- MD5
  
  38696468153eab7405ef1ecfe0fe6f8a
- SHA1
  
  a5c94e66a53e817fae95fb5121244b78febcad29
- SHA256
  
  e805aba76e6becab01f5b815dc9c9a298805962f3db16bfd4c36d2ae9b0b4fc4
- SHA512
  
  b4e7df1118117369c28cca2f03e799e5cd9216ad0cf03c33df278052119ced12cd5598c60ce731bba2b002c66c0f9d61d9a663503cdbc3f35336a649be04d8f4
- SSDEEP
  
  192:3kXBBSYwwn1Eu9/4k38OTXrs08sQOpRf454obmVqrC:3+uMB4Xs
Score

1^/10
behavioral30
- Target
  
  Solara-main/Storage/patched.txt
- Size
  
  2B
- MD5
  
  fe13119fb084fe8bbf5fe3ab7cc89b3b
- SHA1
  
  ab0680a89434e6411d9838b675ea87c2c11c379e
- SHA256
  
  a4fb621495a0122493b2203591c448903c472e306a1ede54fabad829e01075c0
- SHA512
  
  09fbaefb4d8c81da723f6f0587881606feae2f200d4246b47e2fbe3bab808d65c39a5fc14ac31cbd5a3c173672873a6e528a076232a494ced703949bdda1ab78
Score

1^/10
behavioral31
- Target
  
  Solara-main/Storage/version.txt
- Size
  
  5B
- MD5
  
  a8f7998f8368f1c383ec16e0f5a54ab8
- SHA1
  
  70b202b7a3b42025354c11d504ecdc42545b0d60
- SHA256
  
  3b73d9f04fdf44196e24c2efb198f701f68825ced6d0841be98bd66cdededa13
- SHA512
  
  64a102f715d2e6e462b1b74c10002f4aa5c02bebdd2ee52be11562bb0916101bd988c5b26341895491005d261ca4647fd7d7c98007232f4fbe69982b1748c244
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry

Executes dropped EXE

Loads dropped DLL

Themida packer

Checks whether UAC is enabled

Legitimate hosting services abused for malware hosting/C2

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32