General

  • Target

    Solarasis.exe

  • Size

    50.5MB

  • Sample

    241129-24mk9a1mas

  • MD5

    f65e2a4ca6f6da06ad6b5ab017e8f606

  • SHA1

    8953d0ceef9e1bc6c54dfe5f0cac47879bdb2d1b

  • SHA256

    1493e235477b9514f54ff420d0ab5d096e94dfcc885fcb5ac227ea3bc014acad

  • SHA512

    0e99ac29ce6238d85d0ea69eeba2dba8e2577aac37c98cde7fc9c0d5a8b8aa278f150184f5657f6c8ffda758dcf0b24425d2ff28c051bb00cba33d88c87c8b9c

  • SSDEEP

    1572864:vGGefWTsmTSk8IpG7V+VPhqb+VxTivfSlRISereyaAPeEV:uGaCsmTSkB05awb+Vxen+RXerXVPeEV

Targets

    • Enumerates VirtualBox DLL files

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
