General
Target: SolaraBootstrapper.exe
Size: 7.4MB
Sample: 240628-xfkdrsyfkh
MD5: 397378b38483b904a99c1c8d69eba0a1
SHA1: 3f1c0bb763cf29ac09a99ffe6115d946d3c02aaf
SHA256: 614e3f63c889d7726659b939d24259f094e1cc9d5e9e83517b81b4aacd9ff48f
SHA512: 318a511606ec2806f7decac384a25cb1091c1c32d3b9782e43f5d36eb67b5723a52d56e82a83847369d89535146a3c97e493b1aa98d3c6cdb304f1bb2c4398fc
SSDEEP: 98304:uveYgZhUmNz6OshoKyDvuIYc5AhV+gEc4kZvRLoI0EJfNA3zCUTVv9JT1sOBN3oQ:uWYS6HOshoKMuIkhVastRL5Di3u01D7t

Behavioral task: behavioral1
Sample: SolaraBootstrapper.exe
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: SolaraBootstrapper.exe
Resource: win10v2004-20240508-en

Malware Config
Targets
Target: SolaraBootstrapper.exe
Score: 8/10

Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

Loads dropped DLL

Hide Artifacts: Hidden Files and Directories