b9ae24e0d0a49cf36131aaaec049b9ca3353f601945eba1026cf697de4705ae4

General

Target

Solarae.rar
Size

462KB
Sample

240914-p25b3avdqb
MD5

2a3ad7eea3be036f8a667a35b4bedd3a
SHA1

2030acbd8637b24605b4db398be5d53675073d1c
SHA256

b9ae24e0d0a49cf36131aaaec049b9ca3353f601945eba1026cf697de4705ae4
SHA512

4eeaa644c0fa4be8bd59f73d52e13cf6ce35bf7bb1482143cde2e96029566f307df273f69ab15f9a44fba645ba86bdc22e3bd5b1abdd388991bee73df79b0cd8
SSDEEP

6144:yWFPKLth/IfOCqjdb6sOXWcTTGjviNuf+zpxYej0vOB++bhWCaaecCyWbxb+7Q0O:uth/IVqhUH9NuGvYeuO8+bhIimQ7MUgr

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  Solarae/AMIDEWINx64.EXE
- Size
  
  377KB
- MD5
  
  64ae4aa4904d3b259dda8cc53769064f
- SHA1
  
  24be8fb54afd8182652819b9a307b6f66f3fc58d
- SHA256
  
  2c67fb6eb81630c917f08295e4ff3b5f777cb41b26f7b09dc36d79f089e61bc4
- SHA512
  
  6c16d2bc23c20a7456b4db7136e1bb5fcee9cbf83a73d8de507b7b3ffc618f81f020cde638d2cd1ef5f154541b745a2a0e27b4c654683a21571183f7a1bffd16
- SSDEEP
  
  6144:4NFU+vVycygjjsp5dcAONdA22xVK8LRPo4WBIeX+oD9/nwbr9W9v6i:4bygjjsrdcAONdA22xVK8LRPo4WGkD90
Score

1^/10
behavioral1
- Target
  
  Solarae/HardDisk.exe
- Size
  
  636KB
- MD5
  
  c20e96d4e616ce333c19a1c15a1cc137
- SHA1
  
  f79645ec115130ee59958c55a556f564260b7a9e
- SHA256
  
  2c141c06f7df57f11ef2c62f2a96093484a65df47065b1a475c53784af0e2664
- SHA512
  
  519fec9955c4a18e45ec68d9e7dc2bcda74721a6ea088e59e634e26b136bfa15f5efedf8839c036a3cfdcdb9780a2121dc2d71f1fdbbfd3df02d9969e5db753b
- SSDEEP
  
  12288:EN1TNRzUSWgDxPWnP0Lamg+hyMU1EUFT99qpDDcZDDR5Id1888888888888W888H:whNRASWgDxPWnP0LamWYC8EOd
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral2
- Target
  
  Solarae/MAC_Address_Changer.exe
- Size
  
  220KB
- MD5
  
  84a13840d26c98581a024f61aad1c1ec
- SHA1
  
  dee67f068322c1928809ce6b425e146fc4b082c6
- SHA256
  
  4b90308e3752921ab125cfb9dad7e1b310e242d13a278981557b3a15e0c58521
- SHA512
  
  5afd7faff289b79b568fd5cac9e6dae2f7b09589d5039ee392788772d1896a995707d8a8dcc0595fe38bb48776a3fea50d562e6f7f2548078345c519bc5555d2
- SSDEEP
  
  3072:0dpxThxUTAzHiGox/C0wdvMqLD2T/ZSU0M5anf3eL/5pKCud1SjnIitjVfo:0d9xdLjosFUqLD277taveAvSjto
Score

3^/10

discovery
behavioral3
- Target
  
  Solarae/Solarae Spoofer.bat
- Size
  
  3KB
- MD5
  
  5e2550f2d931afb96551e967689e0ac9
- SHA1
  
  9ad0b39606b1ec5c12d4c6c71c959c0a35d6d776
- SHA256
  
  34211b88c97b92bd97b4e03b1e6c9db17dacae20189a688bca1a7cc5bd2bb34b
- SHA512
  
  13c897e281c0b985ab15231da77ec7f07e66dfc46bb88ef90fa70378316f62862d83113d68e39c31f03243d52a3e92bb3e5c4e8148e1f635698089a0c4a21207
Score

1^/10
behavioral4
- Target
  
  Solarae/amifldrv64.sys
- Size
  
  28KB
- MD5
  
  0dff47f3b14fb1c1bad47cc517f0581a
- SHA1
  
  db3538f324f9e52defaba7be1ab991008e43d012
- SHA256
  
  20f11a64bc4548f4edb47e3d3418da0f6d54a83158224b71662a6292bf45b5fb
- SHA512
  
  f572e741b5a7e854353420bfe072f4e8d10ea61bd0be06a48f3b07bb58e98987761a4cbd77423bf1ab4a9a79b599b824b6b2951bae9e8ad16bca98c84c72b0a6
- SSDEEP
  
  384:Hv+RD9ZsRVl8jqiZchbao0HMrEDulUoLdZFnJtQSZsHLPK6jzOO9bvFR3lZbI1:HvyJZmmqlHCMmulJLZJt6PKgaO9Po1
Score

1^/10
behavioral5
- Target
  
  Solarae/amigendrv64.sys
- Size
  
  33KB
- MD5
  
  119f0656ab4bb872f79ee5d421e2b9f9
- SHA1
  
  e35969966769e7760094cbcffb294d0d04a09db6
- SHA256
  
  38d87b51f4b69ba2dae1477684a1415f1a3b578eee5e1126673b1beaefee9a20
- SHA512
  
  428c2a7db1559cb39a882a7dce5a0559efd9d83c2e86ca94bbe3c10c9989fe63c160ab7f475db0400a2ed016ab21f00faa9d0e0b7fdba5e3c34daadab24e71f2
- SSDEEP
  
  768:Jn9+pli0X09luuJ4j/2HGra+Jt6PKgeGPeHPc:t0muuJK1a+JtkwGPMc
Score

1^/10
behavioral6