solara[.]zip | Triage

Sharing

General

Target

solara.zip
Size

52KB
MD5

1823bb15a118fdfc07356919b322223a
SHA1

a341969ee2c7ec69905de1c92eda0a5a010ec14e
SHA256

e2b08d94c2307ba0e56ffc8b4146e8fab0310770cff4cda5931c3342a591fdb3
SHA512

66f10c9cf79a6ac187b9ab2294679e83eb7e326bf2cbccbaa1b13f3ee49022f6e85bfa719a695758929ea955e430dca2bd1f1ffa6a2e36feab9cb1c589e86b0d
SSDEEP

768:IFUYgOXwuCxGv+rrtE4J2brbtzLDUt/ttz9BI2/i6c/fho5IWLLe/WYLIvefDbBv:WqOOQ+rZhc+TiL6c/fkLWf/peo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/Solara.exe

Files

solara.zip
.zip

Password: 123
Solara.exe
.exe windows:4 windows x86 arch:x86

Password: 123

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\busss\Downloads\Nitro-Ransomware-master\Nitro-Ransomware-master\NitroRansomware\obj\Debug\NitroRansomware.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
inject.dll
main.dll