SolaraV3[.]zip

Resubmissions

13/08/2024, 19:52

240813-ylwvesxfnp 6

13/08/2024, 18:50

240813-xg6y6averj 6

Sharing

Copy URL Twitter E-mail

General

Target

SolaraV3.zip
Size

15.4MB
MD5

b08f9680f2f8cc5c610dd493c836b9d4
SHA1

81cf4fb8d0e3c8ba4d579021b9a4e6a025ba9df4
SHA256

38b19f7f422013a6e1876b338b0f4645d077f1f1bf3efb805288b009e930ed31
SHA512

440f3279c6a29909ed6b36aab5a936bb78fed0f391c41a6d9ee9a88276ec8cf53e0ccea7307a9f4a2f29e94d89038e28c33145904f884954e3b4aab62fac5ef0
SSDEEP

393216:nZ4xvRX6PicXHBIDaAXlt5WF7c40JVfE1zKo7PDvT2ETyF:mx+h8/XBWUVfEw2v2ETyF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Boostrapper.exe

Files

SolaraV3.zip
.zip
Boostrapper.exe
.exe windows:6 windows x64 arch:x64

42cf0335a54111b2bdb7f45cdec1ef78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\deno\deno\target\release\deps\deno.pdb

Imports

iphlpapi

GetAdaptersAddresses

ntdll

NtCancelIoFileEx
RtlUnwindEx
RtlNtStatusToDosError
RtlPcToFileHeader
NtDeviceIoControlFile
RtlCaptureStackBackTrace
RtlDeleteFunctionTable
RtlAddFunctionTable
VerSetConditionMask
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
NtCreateFile
RtlUnwind

bcrypt

BCryptGenRandom

advapi32

RegCloseKey
SystemFunction036
RegOpenKeyExW
RegQueryValueExW

dbghelp

SymGetModuleBase64
SymSetOptions
SymInitialize
SymGetLineFromAddr64
SymFromAddr
SymGetSearchPathW
SymFunctionTableAccess64
StackWalk64
SymSetSearchPathW

kernel32

GetACP
IsValidCodePage
MultiByteToWideChar
HeapSize
GetFileSizeEx
GetConsoleOutputCP
EnumSystemLocalesW
FindFirstFileExW
SetStdHandle
SetEndOfFile
GetOEMCP
GetStringTypeW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCommandLineA
GetCPInfo
FreeLibraryAndExitThread
SwitchToThread
SetConsoleMode
LeaveCriticalSection
CloseHandle
SetConsoleCursorPosition
lstrlenW
WaitForSingleObject
GetLastError
GetExitCodeProcess
GetCurrentProcessId
GetCommandLineW
GetProcessHeap
HeapFree
AddVectoredExceptionHandler
HeapAlloc
HeapReAlloc
GetStdHandle
GetFileInformationByHandleEx
GetConsoleMode
EnterCriticalSection
Sleep
DeviceIoControl
CreateHardLinkW
TerminateProcess
ReadFile
FreeLibrary
RegisterWaitForSingleObject
GetProcessId
SetEnvironmentVariableW
SetErrorMode
SetThreadErrorMode
LoadLibraryW
GetProcAddress
GetConsoleScreenBufferInfo
SetCurrentDirectoryW
GetEnvironmentStringsW
FreeEnvironmentStringsW
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
SetFileTime
GetOverlappedResult
WriteFile
CancelIoEx
SetFileCompletionNotificationModes
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
WaitForSingleObjectEx
CreateFileW
CreateSemaphoreW
ReadDirectoryChangesW
ReleaseSemaphore
CancelIo
GetSystemInfo
GetModuleHandleA
SetFileInformationByHandle
SetHandleInformation
GetConsoleCursorInfo
SetConsoleCursorInfo
ReadConsoleInputW
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
GetFileInformationByHandle
TlsGetValue
TlsSetValue
DeleteCriticalSection
GetModuleHandleW
SetLastError
GetEnvironmentVariableW
WriteConsoleW
InitializeCriticalSection
GetCurrentProcess
GetCurrentThread
ReleaseMutex
GetCurrentDirectoryW
LoadLibraryA
CreateMutexA
TlsAlloc
FormatMessageW
GetTempPathW
GetModuleFileNameW
FlushFileBuffers
DuplicateHandle
SetFilePointerEx
FindNextFileW
CreateDirectoryW
ReadConsoleW
TryEnterCriticalSection
FindFirstFileW
CreateProcessW
CreateNamedPipeW
CreateEventW
WaitForMultipleObjects
ExitProcess
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
FindClose
DeleteFileW
MoveFileExW
RemoveDirectoryW
SetFileAttributesW
CopyFileExW
CreateThread
GetFinalPathNameByHandleW
UnregisterWaitEx
SetConsoleTextAttribute
GetSystemTimes
GlobalMemoryStatusEx
GetVersionExA
GetTimeZoneInformation
WideCharToMultiByte
GetThreadTimes
GetCurrentThreadId
DeleteFileA
GetTempPathA
GetTempFileNameA
GetFileType
OutputDebugStringA
VerifyVersionInfoW
VirtualAlloc
VirtualFree
IsDebuggerPresent
TlsFree
QueryThreadCycleTime
GetThreadPriority
SetThreadPriority
VirtualProtect
LoadLibraryExW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
TryAcquireSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceExecuteOnce
SetUnhandledExceptionFilter
GetNativeSystemInfo
InitializeConditionVariable
OpenThread
SuspendThread
GetThreadContext
ResumeThread
CreateSemaphoreA
ExitThread
GetModuleHandleExW
EncodePointer
RaiseException
IsProcessorFeaturePresent
GetStartupInfoW
UnhandledExceptionFilter
InitializeSListHead
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount

ole32

CoTaskMemFree

shell32

SHGetKnownFolderPath

ws2_32

getaddrinfo
freeaddrinfo
WSAStartup
WSACleanup
recvfrom
setsockopt
recv
send
shutdown
WSASend
sendto
getpeername
WSASocketW
getsockname
getsockopt
connect
accept
ioctlsocket
socket
WSAIoctl
WSAGetLastError
listen
bind
closesocket

winmm

timeGetTime

Exports

Exports

CrashForExceptionInNonABICompliantCodeRange

Sections

.text
Size: 22.3MB - Virtual size: 22.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10.5MB - Virtual size: 10.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 891KB - Virtual size: 890KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

42cf0335a54111b2bdb7f45cdec1ef78

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

iphlpapi

ntdll

bcrypt

advapi32

dbghelp

kernel32

ole32

shell32

ws2_32

winmm

Exports

Exports

Sections

.text Size: 22.3MB - Virtual size: 22.3MB

.rdata Size: 10.5MB - Virtual size: 10.5MB

.data Size: 81KB - Virtual size: 203KB

.pdata Size: 891KB - Virtual size: 890KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 43KB - Virtual size: 42KB

.reloc Size: 130KB - Virtual size: 129KB

.text
Size: 22.3MB - Virtual size: 22.3MB

.rdata
Size: 10.5MB - Virtual size: 10.5MB

.data
Size: 81KB - Virtual size: 203KB

.pdata
Size: 891KB - Virtual size: 890KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 43KB - Virtual size: 42KB

.reloc
Size: 130KB - Virtual size: 129KB