General
-
Target
Solara-main (1).zip
-
Size
8.0MB
-
Sample
240722-enyl9ayfkl
-
MD5
8313c5fe3c1fc520bdd3dcdf6c37df68
-
SHA1
ddc8b2c813c67e7527c3c3203f3a3d16a17a02a3
-
SHA256
6469b323b7ed7a5ece51180150c3b9bb9a1d70eb9b20f8a74f6ed3caf494afa0
-
SHA512
1c2036babbbd0bc77d87f2ea1ab437b6d7958718acc4e3668a55e7054351381afccf6bb0f350cad80e19b8f8745c306eb6882ac0bca38f81576b2a46e1cb8c84
-
SSDEEP
196608:hkhE2eXJscv+jxS0SKQ5/eTNDcR4FFfaMW:hkiFskOSL5/eTVjaMW
Malware Config
Targets
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/ms/index.js
-
Size
2KB
-
MD5
ae157c9a8e70902576c2d8a06dbcde32
-
SHA1
0d10ee921436fa5ff5988445cc67676219dfffbe
-
SHA256
4bd92209cb9dacf3e3773e725acb7aaec43ea9e78540324e4d0f73e5ce9adef7
-
SHA512
4c2f31f1f2a297ab6c55a21d58a5c26cad22c1ed1913e7a48605111d217257ae2d9f26ea889e8610e011ba9b9c487c91ecdb4cea3437534faf905e8fb89ba248
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/negotiator/index.js
-
Size
2KB
-
MD5
279d02856c1815ce3b6745ee234a91ae
-
SHA1
d2dce41c415f88b5bb49939290d542bef8ec598d
-
SHA256
4f9279bcffc74199c671739f2d0e91fe5176a7f7e4683ca59809a50463a842bd
-
SHA512
3751b886d3f78d0be1e5010b6086b0df1175f85d52a75a11e9f09232bc35eddb8e92dee4f219b705f98a23c05eaebb79c414d4f57c9fc7ef1e3e831e41e1bcaf
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/negotiator/lib/charset.js
-
Size
3KB
-
MD5
7977a65b1542fa8ce9650e58607f4b07
-
SHA1
bf9f25a7bf6dc2176b70bc9da04fc162bdfbf4c4
-
SHA256
e6522a2df58f21a6cdf8d146f7e85b9a49bcaf68b813dec15068a8e84fc582c3
-
SHA512
6c5b88f2f56099018f13e40f0c675352271e63e928b03cd25630bda95059e5c289c78752947dc29e309e66264173d6ced7cc63fcbf0518e955ba12a2babf5396
Score1/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/negotiator/lib/encoding.js
-
Size
3KB
-
MD5
e03dd226452c58ce083ab4468851f0b1
-
SHA1
6066e153bcac0d060cd2e475ddad0e239422aa0d
-
SHA256
35421dc78d3c1b608922427bbd6e524518168621ff1a44919fc591ca297e813c
-
SHA512
f1966a345f3380075325952275a6ac0668fea52ae4caad431d8ab9068afe1a3c17b62d2be0dd9e19b48d843ecf3a58f94dbd52240a69234a2b232044468cd86f
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/negotiator/lib/language.js
-
Size
3KB
-
MD5
f10e434ae4eed2d3d46ff47582ed9938
-
SHA1
248baa661b5cd4a4368e1de987a5a911636c41ab
-
SHA256
4aebb44da06094f2d56f0b20b4fbdd542cda00a4c9295e10bbe55203701c9024
-
SHA512
d7bac6e2ce28525d67e0b8eff4e2fe1868d11ec69f98c310c1e6258504bcdefcecace967a7721fdeabd93aa18d0d40d1bfe54dcedf0991ed12119af8bde74490
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/negotiator/lib/mediaType.js
-
Size
5KB
-
MD5
0fdaa0ed7cab2ce5fcbd7b361a85892c
-
SHA1
9fe7d1f6570e870bf5a90ada7ba1a7a53480f5cc
-
SHA256
0dab239c924fa4d5f823548e25dc9f10315bf490b821827b640318b7aa200577
-
SHA512
44bfbecb293939bc5df1b98c483fc01f36640de15225d936b919f733a202ccdda2f727f5543853de6e541157bdde8bf57f9cfc918e0ead1b990569e1779a7ba7
-
SSDEEP
96:JYFkWOwcE7FtJqyWGYYIb7wTblzuXrDciMaTmgI8CY1dzM/xKSNKbd3RFUslgXLl:JYFkW97RWtYIb+lzuXrDcfwmavzzgxKY
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/object-inspect/index.js
-
Size
18KB
-
MD5
30aec21da8fc4b15f237a4d6b99d1a9b
-
SHA1
362295d5c15b784bfaed0e8e0842e480b62ef811
-
SHA256
ff92423ab1db977c56b6a8f8bf38ea0de97590e96dfa18ada2639ede3ca9cb42
-
SHA512
3164926f777ef113310519e249ce766223b5a967cc8638f1859b159dae4a0b4971abaa5184e29953e168f415ef9fb11dea74c78154999b9bb846eecaabe56e58
-
SSDEEP
384:BNspDgYPWTFfB8OnNR6zAvnlxpCZydTgNR2cy5Y/o8xhEJl:BuxgYsWOnNozOx+yxgv2Zh
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/object-inspect/util.inspect.js
-
Size
42B
-
MD5
7be99e6d26fa9567c53527a9f2a0b799
-
SHA1
112022493fbdff21234ddcb2c94d2cf43766c7fb
-
SHA256
bb49299375c82d8d22983b76f6c25cd9ac923dc61cd25fffe9b3f71dad26dc40
-
SHA512
df05bf7b8a0550ea49d085ffda70a803980079cbfb739445ab02643264451d125478baf139b9a58f85d4074fefbc0192f9e3170b8031d040f1310facd04b03e8
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/on-finished/index.js
-
Size
4KB
-
MD5
b1c3d24b92f25989b8aefc7f6aaa91ba
-
SHA1
3f69307bd04cc4dfe71cd13616509f443b48f923
-
SHA256
8e16bae14ec63bac9cdbb50572a7b53061fee914712f5e803ff03c44e8845276
-
SHA512
4225c714bec718d7cc59cd2c91a07a77e41cce3ab52502bf9b5b9ccd7d0ce88c040e0a765e5b2c3576ac8f101dc00fff94f8c7ac7586111a545b228831a11ed0
-
SSDEEP
96:BZ90D5eD/n8EfkUlOXld3ZnzS75I51TNZ9FeVz2qNKXIhXDlp:b9uc8UkU4Xz3ZzY+1TNHF42aKXUXDlp
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/parseurl/index.js
-
Size
2KB
-
MD5
3750351b6b1aa7f3e65d5499ea45006e
-
SHA1
7f8870a8a8d53bda04d1c61037a348b5ae2f7de8
-
SHA256
811223d4a19492ccc642384dc84f0af4ad935557dfe8f63750d7ffd673e40f17
-
SHA512
f50d89b90850793e75919c19024a9f1fd27929628bc9c121d685f73c5472c756c8260f0101269550ee4708d370186472c01ba80a76e9220d1ce763f43725842e
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/path-to-regexp/index.js
-
Size
3KB
-
MD5
cb184302e8d26369e9c0392fa4c8d0cb
-
SHA1
d832b595ede9ef5017a7c1d817689ba20aa1bb1f
-
SHA256
c6fca7c07d17e676c51896b785576a118ccffa934959ddcee7ed106d3f8d4d01
-
SHA512
536437dd8c35d74748c7fe25d6d5427103cd0fffa8b6eaad2d786a9a4943191ebc1763bd4d104455280a5789c764079278d4ef33b1820e51ad8674965662a6c7
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/proxy-addr/index.js
-
Size
5KB
-
MD5
0ec33ea2ccb3a107c666a0b311f0e28e
-
SHA1
b03a544515e5ff12276828eeb08ad773661513c8
-
SHA256
c586f959f09961edc6e261d9404455fce40998a221f71d44833bb4b12796c33c
-
SHA512
4e494c7cc69a0f41fad896df84ae90e8a3aa58c7229e35507c281c4d57d238efa01801ab076e2594b4016feeea161f60913709d11c94fefe3e1c852267bb2413
-
SSDEEP
96:voP1XR7qGGNUNB2iAJsauyKhQANc/EXx+4aRNIov07YNJzti1+CunHQQ/b:voP1XJqxUNUuauyKNNC4uVJn3nH3b
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/qs/lib/formats.js
-
Size
476B
-
MD5
74e3187201ce03c0be48c3d744ce9b93
-
SHA1
eddc3b28123bd9e925b374362465b2488734ffde
-
SHA256
d4e3de8b5a4c94865d8acd6f1c7538144732d466769661160bc0bf6ec9db3f4f
-
SHA512
39c1c72dc94536acff463be2a1bf7dc28b0e31ec377aba76f0ec86891ee4ca94b4d7af1aaa653e500d9e1f8e46538f3af75469c3aa42ed39eb21d1a7080c0c17
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/qs/lib/index.js
-
Size
211B
-
MD5
1459a9952f6b500d24818bb6e3e37368
-
SHA1
9039aef43bebb9c999e4711d367211cc97b710d3
-
SHA256
8f4e02eef6ccc43f2b7448c18ae209281c8e9af9807cad491df67450e3817a95
-
SHA512
50365d03580e5db9fd07fd0771ccb702e5b18173e7200ca3e8c792cadba571f6edd5b6cc12458296277143c3c63cd3adadeb3c8dca140a6a18c525b107cae66a
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/qs/lib/parse.js
-
Size
9KB
-
MD5
90f8fbd8451fdb537b916f9b2f753456
-
SHA1
e7ab39db4097550ea490330813be3788738f8d48
-
SHA256
9611d65366166f5f826b647f6f2dc25ad94eb5d0259e9646bfd13784dfce907c
-
SHA512
24ca0ebd2b5501e956ec240a57b14eb9e204b338e6b0accffc0412e174eb4524f84b4bca71d8e6785153594159f8ae8730d09d0414fc1c407c94040fe33bbc64
-
SSDEEP
192:c5o1s3b0vlfby2bbEMY8qenkgFE1rugZHbVHIZ4vHyw5FTLShKjb412QEH3v4e18:c55mbEbCFPgZBECR412QEH3v7XwMlA
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/qs/lib/stringify.js
-
Size
10KB
-
MD5
1cbd67c569a1faee16de2ff17fc8bf10
-
SHA1
02d0313c24e068228b98ac886f173f70de62b39d
-
SHA256
62c4b11841066e8a50a8f53b67dca13daea011dd3f6244456ea25ec2bbe5d834
-
SHA512
defcbfcaee7784cd46d397f8877e2fa0eb63a9b438f5fc1ebcdadc8d5e0a3e67b08ba9da3e759a78c03363e680f52d54505e1939f15ca95c93dd3ad61a4eadce
-
SSDEEP
192:NDRWpkwbPXYoJB5SqqayEWvufCY6U0dUT+lavIxmwQ3qmlpLZnJU4tAJOFPXxTOe:NDRWpkmPXYoJBh8uku+laj33FJJAs5Xt
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/qs/lib/utils.js
-
Size
6KB
-
MD5
37d7f5eda99a09f6169ddb31b0800519
-
SHA1
8695a4b17cbb4204cea789012e2426aaaf9489f2
-
SHA256
1a360b096b61cb5d5260e6543ed032677d7dcadb0bcf9ba5c42833ca75622e9b
-
SHA512
8a26ed9530378195313729054cb8b063b496b61769a96ae50339349ad46019c8186c5f6426fc2ec8184d22efa7ccf546d1124a9b6467d57ed99019e2e9dd4bd6
-
SSDEEP
192:zDKQfExDd3InEk0OIhB5oWB76OLMthk2L7KkNOW128RFlxJPyqqXrbFoQPI:zDKQH0hCWhIkOKioI
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/range-parser/index.js
-
Size
2KB
-
MD5
e72576333d27d1c9b3901c4b9e597f27
-
SHA1
99f605cd5ba471183657fbf318dbc8e5ec82f042
-
SHA256
38786526d000475300728db07455aa21d1e37b0f24e48fbc4cb30136ae30b07b
-
SHA512
86a0d770c08b7e61dea3f63b12736e11737874d32650f263a3728c01c93027ed305fa80aec05997584e7f6ebe8f78dd0f17c26a1eb5fc4653afab501971fcdda
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/raw-body/index.js
-
Size
7KB
-
MD5
c7da7dd272deb49b1042a6ad81419d5e
-
SHA1
8a4cba78d978452aa8c722f77ab07c0da12b35e1
-
SHA256
e1c1ff9152ec1f5cf1ef1c2b853d6723e93ba13e4e9f1f15f9c6b2026a39a1cb
-
SHA512
7083169d33557a58e20573ac46dd0de8e319903bbafbc3618d7cf19af88943253a1c34fc232d58b9a0b52221138dcf3bc67b0d412ee98c306d405f23687b607f
-
SSDEEP
192:8ZJAKvoBunmQyMM0y12udG+b4a6tiBtz7XzGIXUXDlp:8ZSKnmDR3dGhE3Y3
Score3/10 -
-
-
Target
Solara.Dir/Monaco/fileaccess/node_modules/safe-buffer/index.js
-
Size
1KB
-
MD5
35de14728187b87c9ab687c3bdc37436
-
SHA1
94ae42f086b35537cc69d82c0f55c6d59e6b8d98
-
SHA256
184d5c4a83512e3f49d4d5b52f7073f601f933bad11f1fbb3ad364ca5e6478e1
-
SHA512
b2b3ef941a8d76480f519b68cd05ecf0aace617a2c414f3e7d375a59718b06f6e7bf88ef384f3e400642431c296bf400f80048e4ad8efb93860e41d697f337b1
Score3/10 -
-
-
Target
Solara.Dir/Monaco/index.html
-
Size
20KB
-
MD5
7ed00e10ff463cc9afd05d41fc77ac06
-
SHA1
66e162bdbf6df1e1d5b994b8db39fa67ab080783
-
SHA256
808f2c68960e6e521975c8c8efaa90a4053cfb207c4042687ea7afdd091543ee
-
SHA512
4b598cc17654a866c758c33982e776e522f0177f3c987908a18f62385b393338582efbca149817df7cea66eb8cfaa11d566ebfcb59c88d22156f0f1f4d224285
-
SSDEEP
384:FihTARA5LmClk2P5VvW4NGthbVBJjEBh+BILnoamLR7:FihTnlf+lthbVBJegyboamLR7
Score6/10-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
Solara.Dir/Monaco/vs/basic-languages/lua/lua.js
-
Size
5KB
-
MD5
8706d861294e09a1f2f7e63d19e5fcb7
-
SHA1
fa5f4bdc6c2f1728f65c41fb5c539211a24b6f23
-
SHA256
fc2d6fb52a524a56cd8ac53bfe4bad733f246e76dc73cbec4c61be32d282ac42
-
SHA512
1f9297eb4392db612630f824069afdc9d49259aba6361fb0b87372123ada067bc27d10d0623dc1eb7494da55c82840c5521f6fef74c1ada3b0fd801755234f1f
-
SSDEEP
96:SD3yDUfRD5dyVdO29SvE/TMCL8CvcOAtOfxSVkxMZlMfE:nD4Ldyn7Ss/TMmUtOfxhxjE
Score3/10 -
-
-
Target
Solara.Dir/Monaco/vs/editor/editor.main.js
-
Size
2.0MB
-
MD5
9399a8eaa741d04b0ae6566a5ebb8106
-
SHA1
5646a9d35b773d784ad914417ed861c5cba45e31
-
SHA256
93d28520c07fbca09e20886087f28797bb7bd0e6cf77400153aab5ae67e3ce18
-
SHA512
d37ef5a848e371f7db9616a4bf8b5347449abb3e244a5527396756791583cad455802450ceeb88dce39642c47aceaf2be6b95bede23b9ed68b5d4b7b9022b9c8
-
SSDEEP
24576:SmmBNDw4gCXJkB4nIg2IxhbaeZYIMsNjvit4f:wDw4gCXJk62+aeKIMsNjvit4f
Score3/10 -
-
-
Target
Solara.Dir/Monaco/vs/editor/editor.main.nls.js
-
Size
31KB
-
MD5
74dd2381ddbb5af80ce28aefed3068fc
-
SHA1
0996dc91842ab20387e08a46f3807a3f77958902
-
SHA256
fdd9d64ce5284373d1541528d15e2aa8aa3a4adc11b51b3d71d3a3953f8bcc48
-
SHA512
8841e0823905cf3168f388a7aeaf5edd32d44902035ba2078202193354caf8cd74cb4cab920e455404575739f35e19ea5f3d88eab012c4ebefc0ccb1ed19a46e
-
SSDEEP
384:h03CdtOurX25WyV1Vdf40CJjocZC6F7PKUvRjAaswHq9x3H6Sg4NFVlQlUDZpLjb:23mmysb1zVes3pxCSgwgwjhb
Score3/10 -
-
-
Target
Solara.Dir/Monaco/vs/loader.js
-
Size
27KB
-
MD5
8a3086f6c6298f986bda09080dd003b1
-
SHA1
8c7d41c586bfa015fb5cc50a2fdc547711b57c3c
-
SHA256
0512d9ed3e5bb3daef94aa5c16a6c3e2ee26ffed9de00d1434ffe46a027b16b9
-
SHA512
9e586742f4e19938132e41145deec584a7b8c7e111b3c6e9254f8d11db632ebe4d66898458ed7bcfc0614d06e20eb33d5a6a8eb8b32d91110557255cf1dbf017
-
SSDEEP
768:3J6C/c2x0cAu57XQxJRDRi+R/TvrCv3zM2GRl0VEj:Z6grH7qTXRvmDI
Score3/10 -
-
-
Target
Solara.Dir/Newtonsoft.Json.dll
-
Size
695KB
-
MD5
195ffb7167db3219b217c4fd439eedd6
-
SHA1
1e76e6099570ede620b76ed47cf8d03a936d49f8
-
SHA256
e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
-
SHA512
56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
-
SSDEEP
12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score1/10 -
-
-
Target
Solara.Dir/WebView2Loader.dll
-
Size
133KB
-
MD5
a0bd0d1a66e7c7f1d97aedecdafb933f
-
SHA1
dd109ac34beb8289030e4ec0a026297b793f64a3
-
SHA256
79d7e45f8631e8d2541d01bfb5a49a3a090be72b3d465389a2d684680fee2e36
-
SHA512
2a50ae5c7234a44b29f82ebc2e3cfed37bf69294eb00b2dc8905c61259975b2f3a059c67aeab862f002752454d195f7191d9b82b056f6ef22d6e1b0bb3673d50
-
SSDEEP
3072:e5i6Uab3sFhPk6vEmG1PU6dLXm2ng3esQDqEt2JljdTu:e5P2e6vERtUyTmHEtmI
Score1/10 -
-
-
Target
Solara.Dir/Wpf.Ui.dll
-
Size
5.2MB
-
MD5
aead90ab96e2853f59be27c4ec1e4853
-
SHA1
43cdedde26488d3209e17efff9a51e1f944eb35f
-
SHA256
46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed
-
SHA512
f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d
-
SSDEEP
98304:Com1p/B6MvSmaRI+VcDNkq4pmvhAHDfyyrhl:W1HZNkq4p
Score1/10 -
-
-
Target
Solara.Dir/cd57e4c171d6e8f5ea8b8f824a6a7316.dll
-
Size
4.1MB
-
MD5
59267336c1fe47aa25e6000032ca954f
-
SHA1
158e84501d5066d12fea68269233666c8c41ced2
-
SHA256
0564c0d73f3cdccf8c503248de285bd846be90a27972429e3b70f1ab1e619150
-
SHA512
4aeba8de76a1d7a2dced451dc51c3381453c1124958563faf80ba82226d0c082f85f28984a84fb1a1a2d454d20d602501bdee712471c12651887b7bbbf22050d
-
SSDEEP
98304:IgA6Fu8Ajvchxc2jAtB4TEr69vBIXLaOib84mC5i9xtbMke:YduxNUtOTEr6tHb84mhftZ
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
Solara.Dir/cd57e4c171d6e8f5ea8b8f824a6a7316.exe
-
Size
90KB
-
MD5
d84e7f79f4f0d7074802d2d6e6f3579e
-
SHA1
494937256229ef022ff05855c3d410ac3e7df721
-
SHA256
dcfc2b4fa3185df415855ec54395d9c36612f68100d046d8c69659da01f7d227
-
SHA512
ed7b0ac098c8184b611b83158eaa86619001e74dba079d398b34ac694ce404ba133c2baf43051840132d6a3a089a375550072543b9fab2549d57320d13502260
-
SSDEEP
1536:gea4Ta4b9I3BbbHVlnOXrPBdfeISRAOl801AbcsqD95wSxdRf3:gea4Ta4JMbb1lnOXrPXe7Yhq5Zf
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
Solara-main/Files/SolaraBootstrapper.exe
-
Size
13KB
-
MD5
0cc81729f4bd4a6eac95cc442bc8df2a
-
SHA1
5d5f367e720684dd64cfb5340d9911ec0782fdac
-
SHA256
92960ae4a38d896418a14a1db5ba1547aa273443790e858d00dac4ce64550c2a
-
SHA512
f6fc1fca47e4620e24652d8dc2aa88cdd7363172b31122c05d262349aeec88407a2b3fbbc4e4834c359960d4981fb9f674cfbfd9d5743dc917df72a3ebfb3c90
-
SSDEEP
192:+ZnqvqiVx1BLO77IaqaLHmr/XKTxnTjw1hOPVXmNjA:0nCVxoIaqayzKtnw1h6VKj
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
Solara-main/Storage/Drawing.lua
-
Size
15KB
-
MD5
6033700d948affe911f6553cc99ec490
-
SHA1
c6a2caf97bfd27f62fe27e506393c953fcae010b
-
SHA256
9d4c5304b6427621e7854985a361f99a1abaa503b19fab31a94f31fcb72e93da
-
SHA512
3796e0238c05b474875e0b63e1dcba7037ed0bf2f13e069989858e561d4f0d0f754e3142fe264bf1b63887d5345d776080abf7e6b62be7c6af066515c4832fb2
-
SSDEEP
384:eDABXf8cDP8g8KUF1qjoRpR9n3CJoj4jRayhfLojrAD5pXMFuH:MABP8cq1qjjoj4j/dojgZ
Score3/10 -