Static task
static1
General
Target: Solstice 1.21.30.dll
Size: 9.4MB
MD5: 12aa777b9bd385ba0fab9a29adb65afa
SHA1: 87ede7e438affe15d5bb13ef24cd1b20ac1ed55a
SHA256: 4321c48295120ffaa802efb6c12089243ca954dd8929c3d664213d74cf7de0d2
SHA512: 9111e712bc936390a398e7071c881ae0cfb4e13dff30c65cfcd7b20d6f688b360ea82875d72ebe4f60a57012bb3c600d5bd411f770a6eaf3b76c26fc5dbdf072
SSDEEP: 196608:KPVpXwWWdOR5jgxe54dDFzC4J+UZw9RWwiaW:wmG2e5yDF+CIviaW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Solstice 1.21.30.dll
Files
Solstice 1.21.30.dll.dll windows:6 windows x64 arch:x64
fce0d6607335aa89a7bb16483ad38d16
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
dbghelp
SymInitialize
SymCleanup
SymGetOptions
SymGetLineFromAddr64
SymFromAddr
SymFunctionTableAccess64
StackWalk64
SymLoadModuleEx
SymUnloadModule64
SymGetModuleBase64
SymSetOptions
d3d11
D3D11On12CreateDevice
d2d1
ord1
ws2_32
getaddrinfo
inet_ntoa
kernel32
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
VirtualProtect
Sleep
FreeLibraryAndExitThread
VirtualFree
VirtualQuery
GetSystemInfo
VirtualAlloc
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
AllocConsole
SetConsoleTitleA
GetStdHandle
GetConsoleMode
SetConsoleMode
FreeConsole
GetModuleFileNameA
K32GetModuleFileNameExA
GetCurrentProcess
K32GetModuleInformation
GetModuleHandleA
GetLastError
GetProcAddress
LoadLibraryExA
CreateFileA
SetFilePointer
ReadFile
CreateToolhelp32Snapshot
GetCurrentProcessId
Module32First
CloseHandle
Module32Next
GlobalLock
GlobalUnlock
GetCurrentThread
SetUnhandledExceptionFilter
RtlCaptureContext
DisableThreadLibraryCalls
CreateThread
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GlobalFree
LoadLibraryA
QueryPerformanceFrequency
QueryPerformanceCounter
FreeLibrary
GetCurrentThreadId
GetDynamicTimeZoneInformation
WriteConsoleW
WriteFile
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
HeapCreate
HeapFree
Thread32Next
Thread32First
SuspendThread
ResumeThread
HeapReAlloc
HeapAlloc
HeapDestroy
GetThreadContext
GetModuleHandleW
FlushInstructionCache
SetThreadContext
OpenThread
GetFileSizeEx
SetFilePointerEx
GetConsoleOutputCP
FlushFileBuffers
GetTimeZoneInformation
GetModuleFileNameW
GetFileType
SetStdHandle
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
InitializeSListHead
GetStringTypeW
GetCPInfo
CompareStringEx
LCMapStringEx
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
SetEndOfFile
RtlUnwind
FormatMessageW
LoadLibraryW
GetACP
IsValidCodePage
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetSystemTimeAsFileTime
HeapSize
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
FormatMessageA
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
TryAcquireSRWLockExclusive
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
CreateDirectoryW
CreateFileW
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
AreFileApisANSI
GetFileInformationByHandleEx
LocalFree
GetLocaleInfoEx
WaitForSingleObjectEx
GetExitCodeThread
GetNativeSystemInfo
RtlPcToFileHeader
RaiseException
IsProcessorFeaturePresent
InitOnceBeginInitialize
InitOnceComplete
FreeLibraryWhenCallbackReturns
GetModuleHandleExW
InitializeCriticalSectionEx
user32
MessageBoxA
GetKeyboardLayout
MapVirtualKeyA
DestroyWindow
DefWindowProcA
CreateWindowExA
UnregisterClassA
RegisterClassExA
SetCursorPos
ClientToScreen
GetForegroundWindow
GetKeyState
LoadCursorA
SetCursor
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
EnumWindows
GetWindowTextA
GetDpiForWindow
SetWindowLongPtrA
ToAscii
GetKeyboardState
ole32
CoCreateFreeThreadedMarshaler
CoInitializeEx
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
wininet
InternetOpenA
InternetOpenUrlA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
imm32
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmGetContext
d3dcompiler_47
D3DCompile
oleaut32
SysAllocString
GetErrorInfo
SysStringLen
SetErrorInfo
SysFreeString
vcomp140
_vcomp_for_static_end
_vcomp_for_static_simple_init
_vcomp_fork
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 469KB - Virtual size: 469KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6.3MB - Virtual size: 6.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ