3f0a29a31524c5fb823e95aa5097ef45eb9c94e4298549d9ae65e04a3c396406

Sharing

Copy URL

Twitter E-mail

General

Target

SolaraB.zip
Size

11KB
Sample

240811-pqe8sszarq
MD5

0ca3f06ef6d35e707537fd8d06a67082
SHA1

deea61d1e436639e4c36fa9db9621055632e1c7c
SHA256

3f0a29a31524c5fb823e95aa5097ef45eb9c94e4298549d9ae65e04a3c396406
SHA512

7c0827aa05bf63457b96a0a3a59ee407f781d3db3152ff384e6e6904044fa7073f69d3ad8e5dbb790ca141c60e6f4603fc49fb3016bcfcf1669ca560147efb67
SSDEEP

192:uRJ89IIZRWxy0dAD0bReAXrQMwy5IWMwy5IpDpo/Lto/L3H9d:uRJ89IIZR6dg09eAXpwcIHwcI5poZoDz

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  SolaraB.zip
- Size
  
  11KB
- MD5
  
  0ca3f06ef6d35e707537fd8d06a67082
- SHA1
  
  deea61d1e436639e4c36fa9db9621055632e1c7c
- SHA256
  
  3f0a29a31524c5fb823e95aa5097ef45eb9c94e4298549d9ae65e04a3c396406
- SHA512
  
  7c0827aa05bf63457b96a0a3a59ee407f781d3db3152ff384e6e6904044fa7073f69d3ad8e5dbb790ca141c60e6f4603fc49fb3016bcfcf1669ca560147efb67
- SSDEEP
  
  192:uRJ89IIZRWxy0dAD0bReAXrQMwy5IWMwy5IpDpo/Lto/L3H9d:uRJ89IIZR6dg09eAXpwcIHwcI5poZoDz
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  SolaraB/Solara/SolaraBootstrapper.exe
- Size
  
  13KB
- MD5
  
  6557bd5240397f026e675afb78544a26
- SHA1
  
  839e683bf68703d373b6eac246f19386bb181713
- SHA256
  
  a7fecfc225dfdd4e14dcd4d1b4ba1b9f8e4d1984f1cdd8cda3a9987e5d53c239
- SHA512
  
  f2399d34898a4c0c201372d2dd084ee66a66a1c3eae949e568421fe7edada697468ef81f4fcab2afd61eaf97bcb98d6ade2d97295e2f674e93116d142e892e97
- SSDEEP
  
  192:konexQO0FoAWyEfJkVIaqaLHmr/XKT0ifnTJ1jvVXctNjA:HnexHAWyEfJoIaqayzKAifd1LVEj
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4
- Target
  
  SolaraB/Solara/workspace/IY_FE.iy
- Size
  
  662B
- MD5
  
  6cde5e80c58d57f2ffa3942d3c209a25
- SHA1
  
  10295accc2a0f073a7aec5ecbae0de44936045d6
- SHA256
  
  8ff0e30ca2d7df405819c77ca67cec2269f1ff477fa821030a6b4a7cb9173b71
- SHA512
  
  88e0e3316bd48f354517bb773aeab16e1eb8013f7c165e2c7b1159ddf8829c296544f20581bebac2a7337d1efcfa306f1b6ba41816c33e1ea0de18f5f6b2ce0d
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  SolaraB/Solara/workspace/drax/configs/da_hood/ai generated
- Size
  
  2KB
- MD5
  
  58de84daadb2d92024121293fc0ee8ca
- SHA1
  
  186cc02a1c9ed7054ea541dbc6c5e2f47cebee2f
- SHA256
  
  27b1487416185e8ff282509eb036cd78ab3f5c78578b664129194bda00541b8e
- SHA512
  
  f5caeb282919cd0c9645edc00b50855dc620516839ebe135eb1eae4869b2112a3bd38615773c6729c38c7062a9ddeabbd9f07c7e69f9207b1305a5c039f62243
Score

1^/10
behavioral7 behavioral8
- Target
  
  SolaraB/Solara/workspace/drax/configs/da_hood/low ping config.txt
- Size
  
  2KB
- MD5
  
  afacad56a8037c61c30e30c8862be12a
- SHA1
  
  f9f75e90b2dbc1c494caeff566242788e55f1704
- SHA256
  
  fbf0fe9b7c7cf886113c88c828797f04d5029e3521a14868889236fd17e9b7ec
- SHA512
  
  066db386515df2d617e0c33993e596264a493aeff72b2aa5cef2e50097a97ca3a4a6162521111796a23ad9a522a1fc80e4c9784cc8cc48d8f586e2e97103f8d7
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  SolaraB/Solara/workspace/drax/configs/da_hood/lvok.txt
- Size
  
  2KB
- MD5
  
  58de84daadb2d92024121293fc0ee8ca
- SHA1
  
  186cc02a1c9ed7054ea541dbc6c5e2f47cebee2f
- SHA256
  
  27b1487416185e8ff282509eb036cd78ab3f5c78578b664129194bda00541b8e
- SHA512
  
  f5caeb282919cd0c9645edc00b50855dc620516839ebe135eb1eae4869b2112a3bd38615773c6729c38c7062a9ddeabbd9f07c7e69f9207b1305a5c039f62243
Score

1^/10
behavioral11 behavioral12
- Target
  
  SolaraB/Solara/workspace/rostruct/cache/release_tags.json
- Size
  
  2B
- MD5
  
  99914b932bd37a50b983c5e7c90ae93b
- SHA1
  
  bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
- SHA256
  
  44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
- SHA512
  
  27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  low ping config.txt
- Size
  
  2KB
- MD5
  
  afacad56a8037c61c30e30c8862be12a
- SHA1
  
  f9f75e90b2dbc1c494caeff566242788e55f1704
- SHA256
  
  fbf0fe9b7c7cf886113c88c828797f04d5029e3521a14868889236fd17e9b7ec
- SHA512
  
  066db386515df2d617e0c33993e596264a493aeff72b2aa5cef2e50097a97ca3a4a6162521111796a23ad9a522a1fc80e4c9784cc8cc48d8f586e2e97103f8d7
Score

3^/10

discovery
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16