Analysis
- max time kernel: 141s
- max time network: 130s
- platform: windows10-2004_x64
- resource: win10v2004-20240802-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 11-08-2024 12:31
Static task: static1
Behavioral task: behavioral1
  Sample: SolaraB.zip
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: SolaraB.zip
  Resource: win10v2004-20240802-en
Behavioral task: behavioral3
  Sample: SolaraB/Solara/SolaraBootstrapper.exe
  Resource: win7-20240705-en
Behavioral task: behavioral4
  Sample: SolaraB/Solara/SolaraBootstrapper.exe
  Resource: win10v2004-20240802-en
Behavioral task: behavioral5
  Sample: SolaraB/Solara/workspace/IY_FE.iy
  Resource: win7-20240704-en
Behavioral task: behavioral6
  Sample: SolaraB/Solara/workspace/IY_FE.iy
  Resource: win10v2004-20240802-en
Behavioral task: behavioral7
  Sample: SolaraB/Solara/workspace/drax/configs/da_hood/ai generated
  Resource: win7-20240708-en
Behavioral task: behavioral8
  Sample: SolaraB/Solara/workspace/drax/configs/da_hood/ai generated
  Resource: win10v2004-20240802-en
Behavioral task: behavioral9
  Sample: SolaraB/Solara/workspace/drax/configs/da_hood/low ping config.txt
  Resource: win7-20240705-en
Behavioral task: behavioral10
  Sample: SolaraB/Solara/workspace/drax/configs/da_hood/low ping config.txt
  Resource: win10v2004-20240802-en
Behavioral task: behavioral11
  Sample: SolaraB/Solara/workspace/drax/configs/da_hood/lvok.txt
  Resource: win7-20240704-en
Behavioral task: behavioral12
  Sample: SolaraB/Solara/workspace/drax/configs/da_hood/lvok.txt
  Resource: win10v2004-20240802-en
Behavioral task: behavioral13
  Sample: SolaraB/Solara/workspace/rostruct/cache/release_tags.json
  Resource: win7-20240708-en
Behavioral task: behavioral14
  Sample: SolaraB/Solara/workspace/rostruct/cache/release_tags.json
  Resource: win10v2004-20240802-en
Behavioral task: behavioral15
  Sample: low ping config.txt
  Resource: win7-20240704-en
Behavioral task: behavioral16
  Sample: low ping config.txt
  Resource: win10v2004-20240802-en
General
- Target: SolaraB/Solara/workspace/drax/configs/da_hood/low ping config.txt
- Size: 2KB
- MD5: afacad56a8037c61c30e30c8862be12a
- SHA1: f9f75e90b2dbc1c494caeff566242788e55f1704
- SHA256: fbf0fe9b7c7cf886113c88c828797f04d5029e3521a14868889236fd17e9b7ec
- SHA512: 066db386515df2d617e0c33993e596264a493aeff72b2aa5cef2e50097a97ca3a4a6162521111796a23ad9a522a1fc80e4c9784cc8cc48d8f586e2e97103f8d7
Malware Config
Signatures
- System Network Configuration Discovery: Internet Connection Discovery (1 TTPs, 1 IoCs)
  Adversaries may check for Internet connectivity on compromised systems.
  pid: 4652, Process: NOTEPAD.EXE
- Suspicious use of FindShellTrayWindow (1 IoCs)
  pid: 4652, Process: NOTEPAD.EXE