SolaraB[.]zip | Triage

Sharing

General

Target

SolaraB.zip
Size

11KB
MD5

0ca3f06ef6d35e707537fd8d06a67082
SHA1

deea61d1e436639e4c36fa9db9621055632e1c7c
SHA256

3f0a29a31524c5fb823e95aa5097ef45eb9c94e4298549d9ae65e04a3c396406
SHA512

7c0827aa05bf63457b96a0a3a59ee407f781d3db3152ff384e6e6904044fa7073f69d3ad8e5dbb790ca141c60e6f4603fc49fb3016bcfcf1669ca560147efb67
SSDEEP

192:uRJ89IIZRWxy0dAD0bReAXrQMwy5IWMwy5IpDpo/Lto/L3H9d:uRJ89IIZR6dg09eAXpwcIHwcI5poZoDz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SolaraB/Solara/SolaraBootstrapper.exe

Files

SolaraB.zip
.zip

Password: s
SolaraB/Solara/SolaraBootstrapper.exe
.exe windows:4 windows x86 arch:x86

Password: s

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Ashtin\Desktop\WTF\SolaraBootstrapper\SolaraBootstrapper\obj\Debug\SolaraBootstrapper.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SolaraB/Solara/workspace/IY_FE.iy
SolaraB/Solara/workspace/drax/configs/da_hood/ai generated
SolaraB/Solara/workspace/drax/configs/da_hood/low ping config.txt
SolaraB/Solara/workspace/drax/configs/da_hood/lvok.txt
SolaraB/Solara/workspace/rostruct/cache/release_tags.json
low ping config.txt