Overview

overview

10

Static

static

3

Solara.zip

windows11-21h2-x64

1

Password - github.txt

windows11-21h2-x64

3

Solara/Deb...on.dll

windows11-21h2-x64

1

Solara/Deb...er.ini

windows11-21h2-x64

3

Solara/Deb...PF.tmp

windows11-21h2-x64

3

Solara/Deb...PT.tmp

windows11-21h2-x64

3

Solara/Deb...er.dll

windows11-21h2-x64

1

Solara/Deb...nt.log

windows11-21h2-x64

3

Solara/Deb...ce.dll

windows11-21h2-x64

1

Solara/Debug/main.ini

windows11-21h2-x64

3

Solara/Debug/ukm_db

windows11-21h2-x64

1

Solara/Pac...in.xml

windows11-21h2-x64

1

Solara/Pac...ce.dll

windows11-21h2-x64

1

Solara/Pac...ls.xml

windows11-21h2-x64

1

Solara/Solara.exe

windows11-21h2-x64

10

Solara/acc...pl.dll

windows11-21h2-x64

1

Solara/buf...ed.xml

windows11-21h2-x64

1

Solara/buf...py.xml

windows11-21h2-x64

1

Solara/buf...de.xml

windows11-21h2-x64

1

Solara/buf...al.xml

windows11-21h2-x64

1

Solara/buf...up.xml

windows11-21h2-x64

1

Solara/buf...na.xml

windows11-21h2-x64

1

Solara/oleprn.dll

windows11-21h2-x64

1

Solara/wwancfg.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    439s
  • max time network
    441s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    29-08-2024 18:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Solara/buffed/pickup.xml

  • Size

    4KB

  • MD5

    a9f2f9f7d288d187c42f4897f8787889

  • SHA1

    2a643f4e1a214d62b4965dd33481714838b3f2d1

  • SHA256

    b482104f25fc6c5484d75e543a986eb8ace6104dfa809c8cad04726bbfb8f7a3

  • SHA512

    5354f6538dba4181798bc16c3d42b793194e7a60ce2734672d0f9609b213b62f4665eb452be9f29a69baafd02e92bdc2cf213ff9fb1427f34a7f3033a6032588

  • SSDEEP

    96:YTylIv7LQJc+DU9+UFKSp8gogh98f8YIVpmDAA4+sRlhQ8Iuk7:BlIDLQVDU9NF0wSDAjRo8IH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 29 IoCs
    adwarespyware
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Solara\buffed\pickup.xml"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3924
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Solara\buffed\pickup.xml
      2⤵
      • Modifies Internet Explorer settings
      PID:564

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3924-0-0x00007FFBED310000-0x00007FFBED320000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3924-3-0x00007FFBED310000-0x00007FFBED320000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3924-2-0x00007FFBED310000-0x00007FFBED320000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3924-4-0x00007FFBED310000-0x00007FFBED320000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3924-5-0x00007FFBED310000-0x00007FFBED320000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3924-1-0x00007FFC2D323000-0x00007FFC2D324000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3924-6-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-7-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-8-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-9-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-10-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-11-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-12-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-13-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-14-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-17-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-16-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-15-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-21-0x00007FFBED310000-0x00007FFBED320000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3924-20-0x00007FFBED310000-0x00007FFBED320000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3924-22-0x00007FFC2D280000-0x00007FFC2D489000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3924-19-0x00007FFBED310000-0x00007FFBED320000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3924-18-0x00007FFBED310000-0x00007FFBED320000-memory.dmp

    Filesize

    64KB

    Download