SolaraB_V11[.]zip | Triage

Sharing

General

Target

SolaraB_V11.zip
Size

7KB
MD5

802edc2a2df25d20e014c5875e2678c6
SHA1

d3f78befbeb3875ba96bc22a12e00c2256ff0c5f
SHA256

e9b75ffe66b19fed9594e79730eb6bcecf4ea8bc648585cb76a0c53961486c03
SHA512

d1c197ea24ba9fdc33770fc2e4b966cf17f9ef3ecac74607040171fd48f836850c697758ee6bccd494ac219a9ea852da7bedb523e6110d1774cf81c3bf046c38
SSDEEP

192:HvYqt/NELl8XcICahNtu3Bq4fPBYKp8XVPWD0cFK:HvYqscc5ahfIBq43BY5V6FK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SolaraB V11/SolaraBootstrapper.exe

Files

SolaraB_V11.zip
.zip
SolaraB V11/SolaraBootstrapper.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Ashtin\Desktop\WTF\SolaraBootstrapper\SolaraBootstrapper\obj\Debug\SolaraBootstrapper.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SolaraB V11/workspace/KavoConfig.JSON
SolaraB V11/workspace/OrionTest/73885730.txt
SolaraB V11/workspace/ZapHub/ZapHubFolder.zaphub