4ae42054daa3e68d3d320cd189d199124a21d07a08680a9bd39e5c86f223f5dd | Triage

Resubmissions

02-08-2024 18:51

240802-xhrwma1alg 6

02-08-2024 18:50

240802-xhcrps1aka 6

Sharing

General

Target

SolaraB_V13.zip
Size

275KB
Sample

240802-xhcrps1aka
MD5

7aa1c30a854740c641077ab14be131d0
SHA1

2e746a637719704091f7937e5e43767b67ceced4
SHA256

4ae42054daa3e68d3d320cd189d199124a21d07a08680a9bd39e5c86f223f5dd
SHA512

11160b31b5d7f2bd44e75ea4056b153c4e857d24b28cb7a96ed33269f58833f2feb7b58e10574e3aeb1bc6f6431ce0c4a36546d2513fa96c6d9e538e5bdb9dc1
SSDEEP

6144:z3xeJOH/OgbTHZpYCUYKB/kM3WkpmBmzLAKEh5PUb:zY+O6jVUYUkAD4MzLlEh5PE

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  SolaraB V13/Bootstrapper.exe
- Size
  
  795KB
- MD5
  
  365971e549352a15e150b60294ec2e57
- SHA1
  
  2932242b427e81b1b4ac8c11fb17793eae0939f7
- SHA256
  
  faad2bc8e61b75e595a80ff2b6d150ff8b27187a8ba426cc1e5e38e193ab6d42
- SHA512
  
  f7ba1353e880213a6bdf5bd1dfdfd42a0acf4066a540a502e8df8fec8eac7fb80b75aa52e68eca98be3f7701da48eb90758e5b94d72013d3dff05e0aaf27e938
- SSDEEP
  
  12288:GYa9sBhIBdCdbX1USoeQDj/VNpA+dZIznBpGTEy:Pa98hIBdjSoeQDj/VNpZdZIznBpg
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2