Resubmissions

21-07-2024 22:12

240721-14z1xaxcqh 10

21-07-2024 20:13

240721-yzsd6asepd 10

General

  • Target

    SolaraBootstrapper.exe

  • Size

    9.5MB

  • MD5

    4050f2027e946d524e3a1078a6cd5419

  • SHA1

    698f02a2826e7d6ecfebf37b04f0231c904133eb

  • SHA256

    2cecd998dd0dda41ee0aefbd0c6a490fb42cb506fcfb2e1dafc0a89b781af9ab

  • SHA512

    fed614ebd8197c8809d32e0437dd49fd87640d3fbe0ae806479e79f2480975e404306821c43e726b55d17c02298bb088175ee079bc88d8a8fe942f3d4cd9afab

  • SSDEEP

    196608:HE7JB0tYrXLW+d7UcIxptvyUQymRDSI1WCOK5nQ:HE9B0OjrdLK4J/FQ

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • .NET Reactor proctector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • SolaraBootstrapper.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections