SolaraB[.]7z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SolaraB.7z
Size

393KB
MD5

e18552488fb4e427f9d4e32c81b9e1bf
SHA1

3a7eeb4556b26493a5e0c515733fee77a26a5262
SHA256

50ca2b466db8fcadb4cddb16221e399ca730ead598936b3fbc1fed705b5069fc
SHA512

7a69d6ddd8aa056fb1ee573e4be49fd5fada94388d4daad7d29d7ba6dcf0a52ce595d0a254228daebed4f20c58d09e2a2267c36e10a0d0c43beb3b5308c20a45
SSDEEP

12288:0uSuRhq1sxIW3ZXSN5ze6CRFXk2oqEJ3Ut80693Jh:RZfsNdewsEXnZh

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SolaraB/Bootstrapper.exe
unpack001/SolaraB/BootstrapperV1.15.exe
unpack001/SolaraB/BootstrapperV1.16.exe

Files

SolaraB.7z
.7z
SolaraB/Bootstrapper.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Ashtin\Desktop\WTF\SolaraBootstrapper\SolaraBootstrapper\bin\Release\Bootstrapper.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 793KB - Virtual size: 792KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SolaraB/BootstrapperV1.15.exe
.exe windows:4 windows x64 arch:x64

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 793KB - Virtual size: 793KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SolaraB/BootstrapperV1.16.exe
.exe windows:4 windows x64 arch:x64

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 793KB - Virtual size: 793KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SolaraB/DISCORD
SolaraB/scripts/Dark Dex
SolaraB/scripts/Unnamed ESP
SolaraB/workspace/.tests/appendfile.txt
SolaraB/workspace/.tests/getcustomasset.txt
SolaraB/workspace/.tests/isfile.txt
SolaraB/workspace/.tests/listfiles/test_1.txt
SolaraB/workspace/.tests/listfiles/test_2.txt
SolaraB/workspace/.tests/loadfile.txt
SolaraB/workspace/.tests/readfile.txt
SolaraB/workspace/.tests/writefile
SolaraB/workspace/.tests/writefile.txt
SolaraB/workspace/IY_FE.iy
SolaraB/workspace/dex/deps_version.dat
SolaraB/workspace/dex/rbx_api.dat
SolaraB/workspace/dex/rbx_rmd.dat

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 793KB - Virtual size: 792KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 793KB - Virtual size: 793KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 793KB - Virtual size: 793KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 793KB - Virtual size: 792KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 793KB - Virtual size: 793KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 793KB - Virtual size: 793KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B