General

  • Target

    SolaraBootstrapper.exe

  • Size

    10.2MB

  • Sample

    240626-g1nnxssdmj

  • MD5

    65c2b250eea43f46bda8ede4ab457892

  • SHA1

    8999c89bbf307dad88b49863f0dd79c0794310ed

  • SHA256

    30f18ea51bfa806877d6579d457762c4b34bed35208c379a0a90f65e4921d1b6

  • SHA512

    72c9a4d1b5abdb29c641ee03be75cb7ada08b480b2a0b2a6e8ca94d1105680a57b7fe80f9916a093a6823b1bcb192acced3434382265d3aa5ddab3e54612515e

  • SSDEEP

    196608:ihxgnEkfcdqBA1HeT39IigwdeE9TFa0Z8DOjCdylLhYMfIGQfkdoXKh:xEkfc4q1+TtIiFUY9Z8D8CcldlQNbXKh

Malware Config

Targets

    • Target

      SolaraBootstrapper.exe


    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      cstealer.pyc

    • Size

      67KB

    • MD5

      68c7c79abd1cbe4a2029d04dd8690824

    • SHA1

      eaa6ca92e8370cdc6d721fa14d5b4037b217c491

    • SHA256

      48ff0bbf71df1aae1c5b29372b9375ed31d449883bd8ce0e5f801c701cd85000

    • SHA512

      b9a31c32e06681f494ad15b9e667f60c5f49974bcbf5621f1d965dde7cf230b7cb4d245db3713520415abd63ffbf279bcae4077fe89906e78fcd025173339346

    • SSDEEP

      1536:l0xqOguxpqBJlMstbo88jLQQcXf9qS0Vr+LRheG:lql/+bo88PiXX0r+LRP

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks