Overview

overview

10

Static

static

3

Solara.zip

windows11-21h2-x64

1

Password - github.txt

windows11-21h2-x64

3

Solara/Deb...on.dll

windows11-21h2-x64

1

Solara/Deb...er.ini

windows11-21h2-x64

3

Solara/Deb...PF.tmp

windows11-21h2-x64

3

Solara/Deb...PT.tmp

windows11-21h2-x64

3

Solara/Deb...er.dll

windows11-21h2-x64

1

Solara/Deb...nt.log

windows11-21h2-x64

3

Solara/Deb...ce.dll

windows11-21h2-x64

1

Solara/Debug/main.ini

windows11-21h2-x64

3

Solara/Debug/ukm_db

windows11-21h2-x64

1

Solara/Pac...in.xml

windows11-21h2-x64

1

Solara/Pac...ce.dll

windows11-21h2-x64

1

Solara/Pac...ls.xml

windows11-21h2-x64

1

Solara/Solara.exe

windows11-21h2-x64

10

Solara/acc...pl.dll

windows11-21h2-x64

1

Solara/buf...ed.xml

windows11-21h2-x64

1

Solara/buf...py.xml

windows11-21h2-x64

1

Solara/buf...de.xml

windows11-21h2-x64

1

Solara/buf...al.xml

windows11-21h2-x64

1

Solara/buf...up.xml

windows11-21h2-x64

1

Solara/buf...na.xml

windows11-21h2-x64

1

Solara/oleprn.dll

windows11-21h2-x64

1

Solara/wwancfg.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    435s
  • max time network
    493s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    29-08-2024 18:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Solara/buffed/gheddaOptimal.xml

  • Size

    7KB

  • MD5

    06d269ff4d7e22a6dbf54191bf7c4f54

  • SHA1

    05fc3d31bf4d1f4b67742a205f1b607a8e6e527c

  • SHA256

    06c2e9fdaf092549ec926bffb21ba09a4d3284c4804f1fa56e9e69d0bf714086

  • SHA512

    e46b346017d2cead918c019ea14c3a46b1566da7a1cb67fa1d913daccd4dbbdffe4687bd5a9300d25018fc2de32ff5430c4e3ac6ff15818715119f0ec194d820

  • SSDEEP

    192:u+bj9Ijj5OhySOIQj8oNexPtaxTQAaCUe:5jgj5OkSOIQZeraZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 29 IoCs
    adwarespyware
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Solara\buffed\gheddaOptimal.xml"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1768
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Solara\buffed\gheddaOptimal.xml
      2⤵
      • Modifies Internet Explorer settings
      PID:2816

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1768-0-0x00007FFF79B30000-0x00007FFF79B40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1768-2-0x00007FFF79B30000-0x00007FFF79B40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1768-3-0x00007FFF79B30000-0x00007FFF79B40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1768-1-0x00007FFFB9B43000-0x00007FFFB9B44000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1768-6-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-5-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-4-0x00007FFF79B30000-0x00007FFF79B40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1768-7-0x00007FFF79B30000-0x00007FFF79B40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1768-9-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-10-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-8-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-11-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-15-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-14-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-17-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-16-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-13-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-12-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-21-0x00007FFF79B30000-0x00007FFF79B40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1768-20-0x00007FFF79B30000-0x00007FFF79B40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1768-22-0x00007FFFB9AA0000-0x00007FFFB9CA9000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1768-19-0x00007FFF79B30000-0x00007FFF79B40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1768-18-0x00007FFF79B30000-0x00007FFF79B40000-memory.dmp

    Filesize

    64KB

    Download