23500bddbff92250b5ad38541348faef0244443b3295bca7a38d30ed8146fa82

General

Target

Solara.zip
Size

437KB
Sample

240710-ppyczsxhkq
MD5

aa3de0e040a9dda35d88231080353018
SHA1

746f759757b5f387a2d42799a01c455c7f385a8a
SHA256

23500bddbff92250b5ad38541348faef0244443b3295bca7a38d30ed8146fa82
SHA512

a094aa5309b3ec59b9ccb1cb7b203f6e97b3aa95471100f1cf1131d0ddb1adc4706c5450ec090cdafd1a726324d5b96f7c4a6999f64bc3edb7c88d3be70dba53
SSDEEP

12288:4C1tME2BK/QIOLYBaEN0bK1DVyQkx02fv:4KwijOLYKK1IQa/v

Score

7^/10

Malware Config

Targets

- Target
  
  Solara.zip
- Size
  
  437KB
- MD5
  
  aa3de0e040a9dda35d88231080353018
- SHA1
  
  746f759757b5f387a2d42799a01c455c7f385a8a
- SHA256
  
  23500bddbff92250b5ad38541348faef0244443b3295bca7a38d30ed8146fa82
- SHA512
  
  a094aa5309b3ec59b9ccb1cb7b203f6e97b3aa95471100f1cf1131d0ddb1adc4706c5450ec090cdafd1a726324d5b96f7c4a6999f64bc3edb7c88d3be70dba53
- SSDEEP
  
  12288:4C1tME2BK/QIOLYBaEN0bK1DVyQkx02fv:4KwijOLYKK1IQa/v
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Drops file in System32 directory
behavioral1
- Target
  
  Launcher.bat
- Size
  
  31B
- MD5
  
  41132bf2fe575a1b1e4c1504afe5324a
- SHA1
  
  2531a3b6534495510d727cfd179805b1eb68d7fe
- SHA256
  
  a6a10d3ad76f6ac73ddb8026cea7024523b67210cad1ff64e0deea00bbf54df5
- SHA512
  
  a5514a7a7749233d0c37c8d6be628ca3e5ac4e36a187fccda53569430eaa9723f704c0597f79dee5ddf1e507407ec087cf70cccd8fddcbedad50d6a6d1ed1b6a
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral2
- Target
  
  compiler.exe
- Size
  
  203KB
- MD5
  
  86a5ca3d3047cf565ff86ea815da9fdd
- SHA1
  
  a8e71c779862d3b4188f8dd6eac44afdf37d0ad8
- SHA256
  
  d8dfaed0bd2f45c5f8cff47c680efcb1441b0856f0f6de954a1095450d3ec0e2
- SHA512
  
  0ade956d8386f07352757a459581b880663c58b79345441a0eaafae0d41da92e42861423c4a918cf4b2121dbc1bbdaa71eb44952be402fe82ac9ac30dd83e07f
- SSDEEP
  
  3072:rnvavn6z2TMRXs0I0ziBev6pQBeXEmZQCJeoH6ctzJQel5axhtvbOEUgnuBKn7+i:rva5TMRXs0IKiBDbZt4Ggn77+ez3C8
Score

1^/10
behavioral3
- Target
  
  config
- Size
  
  298KB
- MD5
  
  4ad602c68eb3aa4c84c73834e653605f
- SHA1
  
  3afe93611642a34da843e91db323fbec18ac7887
- SHA256
  
  aa2ac19e959beca447e34da002cc63149c208d8427bb8631344ea069f4bbccba
- SHA512
  
  9cbb57a762f924768a1ff05cec2f0a05e4c4b6d145a51bec8246bae4f9de382f95809cc71bb6a0592ee97172cf020bdecf00d6997ff4f0242a8ad6458ae7f2d5
- SSDEEP
  
  3072:CpLKAVn5IsbBoSACROtFD/2GWJmv+yO9CE/eLxb0plHg2Qe7IXh2h:C8AHBoLCUjJWMO0E/et0pF5IXu
Score

1^/10
behavioral4
- Target
  
  lua51.dll
- Size
  
  389KB
- MD5
  
  fb2b8675cf63baddf4430bf7f53ff218
- SHA1
  
  502b193ec72eb71192f6b783cffe9b6eb8bc944a
- SHA256
  
  16c4d10cb496578b0ca63c0c30e1e346cf3f879326768889386c058760f9a39e
- SHA512
  
  41a1183a87b6879add36de49cc876e07dcc365289ebc4359ca836bc9376fef10bedde7e2c878be238315296d20780c06e7305d913757b6879e86051439348892
- SSDEEP
  
  12288:siZ+ox9piQ8G27pC6Yyu5t60O0MJuAghAuNwABU:se19pm7pCuCt6+w
Score

3^/10
behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

3

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Looks up external IP address via web service

Drops file in System32 directory

Looks up external IP address via web service

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5