Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    10-08-2024 20:28

General

  • Target

    Solara.exe

  • Size

    133KB

  • MD5

    5ac0462702a125b10cad429f1a29ebe5

  • SHA1

    9a1f9e04fe156e929ef8edecaf9f11c7a5ee9ae2

  • SHA256

    eb6c724328e344f63d7fd7207b89e7c192411d624e69d64859f282cd36bf5bb7

  • SHA512

    f44af2ce1137bc7c8f9b54e605c6f08c0f1e56861d539e79bc35f6ccc724f8c5df15ba3611622172c21e57e19a2613cce132f6e3ab3e239fb5263b22b0add5aa

  • SSDEEP

    3072:1QoRzRjDjMbb1lnOXrPXe7Ehq5Zg1ulbSouMOy:OoRzRjDjMbnOXzWE0qNV

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Solara.exe
    "C:\Users\Admin\AppData\Local\Temp\Solara.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2376
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2376 -s 624
      2⤵
        PID:2260

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2376-0-0x000007FEF56D3000-0x000007FEF56D4000-memory.dmp

      Filesize

      4KB

    • memory/2376-1-0x000000013F660000-0x000000013F684000-memory.dmp

      Filesize

      144KB

    • memory/2376-2-0x000007FEF56D0000-0x000007FEF60BC000-memory.dmp

      Filesize

      9.9MB

    • memory/2376-3-0x000007FEF56D3000-0x000007FEF56D4000-memory.dmp

      Filesize

      4KB

    • memory/2376-4-0x000007FEF56D0000-0x000007FEF60BC000-memory.dmp

      Filesize

      9.9MB