SolaraB_V13[.]zip | Triage

Resubmissions

02-08-2024 18:51

240802-xhrwma1alg 6

02-08-2024 18:50

240802-xhcrps1aka 6

Sharing

General

Target

SolaraB_V13.zip
Size

275KB
MD5

7aa1c30a854740c641077ab14be131d0
SHA1

2e746a637719704091f7937e5e43767b67ceced4
SHA256

4ae42054daa3e68d3d320cd189d199124a21d07a08680a9bd39e5c86f223f5dd
SHA512

11160b31b5d7f2bd44e75ea4056b153c4e857d24b28cb7a96ed33269f58833f2feb7b58e10574e3aeb1bc6f6431ce0c4a36546d2513fa96c6d9e538e5bdb9dc1
SSDEEP

6144:z3xeJOH/OgbTHZpYCUYKB/kM3WkpmBmzLAKEh5PUb:zY+O6jVUYUkAD4MzLlEh5PE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SolaraB V13/Bootstrapper.exe

Files

SolaraB_V13.zip
.zip
SolaraB V13/Bootstrapper.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Ashtin\Desktop\WTF\SolaraBootstrapper\SolaraBootstrapper\bin\Release\Bootstrapper.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 793KB - Virtual size: 792KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ