General
Target: SolaraBootstrapper1.0.exe
Size: 66.1MB
Sample: 240706-14r1asvakm
MD5: 5006fd02200a1deb0fd9239ac008648f
SHA1: 590478063fe6b1fb35eaf95d6c746ee9862bf170
SHA256: 87ec53dd9e90cc858b453e49fddecf56da7311e0e888cee70e3c6c67cdf8838b
SHA512: e9531780fb0053c2e0a97d6bc0471955faa4b409bbb7adeea6205ced5885001cbc580cbea8fb5dba3c0fd60593eb8ef2587d5f4f23d56154847cd81e5006737b
SSDEEP: 1572864:7aR0LX5WJoWbgWRSgkNOXWxtQSNLiI/sOX6ywjRB4I:7aRuX5M3gbcKCm/nX3ub4I
Behavioral task: behavioral1
Sample: SolaraBootstrapper1.0.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: SolaraBootstrapper1.0.exe
Resource: win10v2004-20240704-en
Behavioral task: behavioral3
Sample: HaterCollecter.pyc
Resource: win7-20240704-en
Behavioral task: behavioral4
Sample: HaterCollecter.pyc
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: SolaraBootstrapper1.0.exe
Score: 7/10
Drops startup file
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Target: HaterCollecter.pyc
Size: 57KB
MD5: 3e6b658da688b5e4538d96d1f3bba4a3
SHA1: c005025e0f67d5385ba594ef0639af12b72c61b8
SHA256: 896e62a81fa894962f65ee18adde9da069936f133bc7f2e0ef7dc35ea5b473ca
SHA512: 769ca6f5c7664f6354cd988bfdd3f7f389a8c095a82990403e871efa61552088d4577f1d8ebf4ad0edbcbea9741a8449c9a47cd5f1b7f5dce61d5b8eb89ee4bc
SSDEEP: 768:v16L99lxW4Jv09D/rBNVNic7tFMGoVAugA7Lk/7mflDRBfMS6LkX:g34/rlscsAugAXkjIltBfELkX
Score: 3/10