General

  • Target

    SolaraBootsrapper.exe

  • Size

    21.8MB

  • Sample

    241117-x5cp8a1ngm

  • MD5

    40f347ccffb84f8fe97201dc63f18cbc

  • SHA1

    24d9353377a27d3b03ccc09c1ee595979d4667d2

  • SHA256

    faa8a6c4c3649d6bca89270696b68fe6b0f20237ae5e2f0749913151779e02a3

  • SHA512

    07208d2e002eaa3496164facfe9f0f1c4f6e1b8c2e7d76754ebf2e6cb2d978b74b3a7081afa063c636788e29881e9c4973c289aa9085ce3d7015cc1ed2f89c46

  • SSDEEP

    393216:fqPnLFXlrFWo7n0jcwQ8DOETgsvfGQQ+gspj1SRkvE4qQFW16AO4M6m:yPLFXNFpicwQhEznLRydqW16A6

Malware Config

Targets

    • Target

      SolaraBootsrapper.exe

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
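The "UPX packed file" signature above is a static check: it inspects the PE section table and the packer's marker rather than executing the sample. The script below is an added example written for this page, not tria.ge's detection logic and not code from the analysed sample. It recomputes the MD5/SHA1/SHA256/SHA512 set the report lists for any local file (SSDEEP is left out because it needs an external library) and applies three UPX heuristics: stock UPX section names, the first-section-has-no-raw-data layout that survives section renaming in modified UPX, and the "UPX!" marker. The thresholds and the minimal PE builder used for the self-test are assumptions constructed here, so a match is a lead for unpacking, not proof of a specific packer version.

```python
import hashlib
import struct

# Hash set matching the report's General section (MD5/SHA1/SHA256/SHA512).
HASH_ALGS = ("md5", "sha1", "sha256", "sha512")


def file_hashes(data: bytes) -> dict:
    """Return {algorithm: hexdigest} for the algorithms the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in HASH_ALGS}


def pe_sections(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table.

    Only the fields needed for the packer heuristics are decoded.
    """
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    table = coff + 20 + opt_size
    sections = []
    for i in range(nsections):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from(
            "<8sIIII", data, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("latin-1"),
            "virtual_size": vsize,
            "virtual_address": vaddr,
            "raw_size": rawsize,
            "raw_pointer": rawptr,
        })
    return sections


def upx_indicators(data: bytes) -> list:
    """Static heuristics for stock or lightly modified UPX (assumed, not tria.ge's rules)."""
    sections = pe_sections(data)
    names = [s["name"] for s in sections]
    reasons = []
    # 1. Stock UPX names its sections UPX0/UPX1 (and keeps .rsrc).
    if any(n.upper().startswith("UPX") for n in names):
        reasons.append("UPX section names: " + ", ".join(names))
    # 2. Modified UPX often renames sections but keeps the layout: the first
    #    section occupies no bytes on disk and is the region the stub unpacks into.
    if sections and sections[0]["raw_size"] == 0 and sections[0]["virtual_size"] > 0:
        reasons.append("first section %r has no raw data but 0x%x bytes virtual"
                       % (sections[0]["name"], sections[0]["virtual_size"]))
    # 3. The 'UPX!' magic that precedes the packer's own header block.
    if b"UPX!" in data:
        reasons.append("'UPX!' marker present")
    return reasons


def build_pe(sections, trailer=b""):
    """Build a minimal, non-runnable PE32 image for testing (constructed data).

    sections: iterable of (name, virtual_size, raw_size).
    """
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)      # 64 bytes
    opt_size = 224                                                        # PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (opt_size - 2)              # PE32 magic, rest zeroed
    table = b""
    vaddr, rawptr = 0x1000, 0x400
    for name, vsize, rawsize in sections:
        table += struct.pack("<8sIIII", name.encode().ljust(8, b"\0")[:8],
                             vsize, vaddr, rawsize, rawptr if rawsize else 0)
        table += b"\0" * 16        # relocation/line-number fields and Characteristics
        vaddr += max(vsize, 0x1000)
        rawptr += rawsize
    return dos + b"PE\0\0" + coff + opt + table + trailer


if __name__ == "__main__":
    # Constructed stand-in for a UPX-packed binary; on a real file use
    # upx_indicators(open(path, "rb").read()).
    sample = build_pe([("UPX0", 0x20000, 0), ("UPX1", 0x8000, 0x8000),
                       (".rsrc", 0x1000, 0x1000)], trailer=b"UPX!")
    for alg, digest in file_hashes(sample).items():
        print(alg, digest)
    for reason in upx_indicators(sample):
        print("UPX indicator:", reason)
```

Heuristic 2 is the one that matters in practice: renaming UPX0/UPX1 is the first thing a "modified UPX" build does, but the empty-on-disk first section is structural and stays. Expect the occasional false positive from unusual linkers, so treat a hit as a reason to try unpacking before attributing behaviour to the stub.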

MITRE ATT&CK Enterprise v15

Tasks
