General
-
Target
SolaraBootstrapper.exe
-
Size
9.5MB
-
MD5
7d9b8cef5925d1a700d720743bf61865
-
SHA1
10321760a98c0220be157441ae0516a5003ceba3
-
SHA256
1f3a8ed14dcf8dd8b4a88787b08163b9e9d65d999e61645b90c0c91b6a8f71fd
-
SHA512
793cf9f9641cd3c79fdba67af80d4ecf4b17ba4c151cc4696504740db64aaf309caeec1497273092a825e3543109f1172648193b9ae8a15d57b1501b74d2f8a9
-
SSDEEP
196608:ZE7JB0tYrXLW+d7UcIxptvyUQymRDSI1WCOK5d66w:ZE9B0OjrdLK4J/n66w
Score
10/10
Malware Config
Signatures
-
DCRat payload 1 IoCs
Detects payload of DCRat, commonly dropped by NSIS installers.
-
Dcrat family
-
.NET Reactor proctector 1 IoCs
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
SolaraBootstrapper.exe
Headers
Sections