SolaraBootstrapper[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SolaraBootstrapper.exe
Size

659KB
MD5

bddb6354c213d421ac3a9e687d6cbb12
SHA1

c22406a0a65c2a680fec9eec6123dc744ec74666
SHA256

04c5dbc5a614d545a938d2c29366b0be89f41543724ff7f9cef5dfacd0622ee5
SHA512

f82c9f964045969bfaf7db1ba3db145e2700d0cdbe86d38b31a42a736e7ced87909558bfd70f14141b96f4da5383df90103bf39ca3a2ec205d3f27e96fe6dbbb
SSDEEP

12288:ky5xRehAd037p5j9GTKzQIwV8CZ0Ny5FXtI6s8zWOUCVbU0nHtZ5nGR47IcGO5gp:kOxwhB37p5ZGTK0Bg6ifmey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SolaraBootstrapper.exe

Files

SolaraBootstrapper.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 656KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ