solarisR[.]exe

Resubmissions

25/08/2024, 22:58

240825-2xypya1hqm 6

25/08/2024, 22:54

240825-2vn3qazcqh 6

25/08/2024, 22:53

240825-2vc1fs1gnj 6

25/08/2024, 22:40

240825-2lhvcaygne 7

Sharing

Copy URL Twitter E-mail

General

Target

solarisR.exe
Size

2.9MB
MD5

ff8e7b3a5ca1d2851c559a2be62efef7
SHA1

f2777dc2b2e3c54166070322c4c63ef2276cf16b
SHA256

b8c74a0c68697bd1ed5d362007823e01cb7911d30c3b6682bfa51837d638de72
SHA512

c39d31d76b1ea81d7d627f2d42c0ecd84d594a245a2db7239cf640df3f5a869ce0e1b64f94b9265bd7458e13543125fbab415ef088fd3707bd014f150fcb66c3
SSDEEP

49152:4bvGigMNu+du/Dh3+tNLLnbmnR/EHBLizs22r9H7lcdI5mLBgS:b+tN97KdK8g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
solarisR.exe

Files

solarisR.exe
.exe windows:5 windows x86 arch:x86

7dc07092b0552250700ae8aaf455ed19

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Nff\source\repos\SolarisR\Release\SolarisR.pdb

Imports

msimg32

AlphaBlend

winmm

waveOutReset
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite

psapi

GetProcessImageFileNameA

kernel32

TerminateThread
LoadLibraryA
Process32FirstW
CloseHandle
CreateThread
GetProcAddress
LocalFree
ExitProcess
lstrcmpW
HeapFree
HeapAlloc
GetProcessHeap
FindNextFileA
GetFileType
Process32NextW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
Sleep
CreateToolhelp32Snapshot
OpenProcess
lstrcmpA
LocalAlloc
GetModuleFileNameW
WriteFile
GetCurrentProcess
GetCommandLineW
SetPriorityClass
CreateFileW
GetStringTypeW
HeapSize
FlushFileBuffers
GetConsoleCP
GetConsoleMode
CreateFileA
SetFilePointerEx
WriteConsoleW
DecodePointer
SetStdHandle
GetCPInfo
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RaiseException
GetStdHandle
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleExW
GetACP
HeapReAlloc
FindClose
FindFirstFileExA

user32

RedrawWindow
GetDesktopWindow
ReleaseDC
GetMessageW
DefWindowProcW
DispatchMessageW
ExitWindowsEx
GetSystemMetrics
CreateWindowExA
TranslateMessage
RegisterClassExA
GetDC
GetWindowRect
MessageBoxA

gdi32

CreateDIBSection
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
CreatePolygonRgn
DeleteDC
CreatePen
SelectClipRgn
Ellipse
DeleteObject
InvertRgn
CreateSolidBrush
CreateEllipticRgn
PlgBlt

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

shell32

ShellExecuteW
CommandLineToArgvW
ShellExecuteExW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

7dc07092b0552250700ae8aaf455ed19

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msimg32

winmm

psapi

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 2.8MB - Virtual size: 2.8MB

.data Size: 2KB - Virtual size: 20KB

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 2.8MB - Virtual size: 2.8MB

.data
Size: 2KB - Virtual size: 20KB

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 7KB - Virtual size: 7KB