Overview

overview

10

Static

static

10

Solara 1.25.exe

windows10-ltsc 2021-x64

9

Resubmissions

30-12-2024 03:21

241230-dwa1gswpdt 10

30-11-2024 20:08

241130-ywkj5sxqdp 10

30-11-2024 20:06

241130-yvtfnatmay 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Solara 1.25.exe

  • Size

    71.8MB

  • Sample

    241130-yvtfnatmay

  • MD5

    6b32177d5218d0f5158eb91bfcc54c15

  • SHA1

    19d0b30aa6fe9a5bbc9b583bbd48b70861420b4a

  • SHA256

    822b6bd963cba3c0762d3ddfa83b070c33d9b90eedba798fa5d5436aae491a19

  • SHA512

    39db07ff94dcc915f221f558f69590d32f0fae09bcd2b6d9c2ad01d2af83ef5dca5adbcb3a5d3837aad586232bec400ea8733bfd10c1fb7207017c67e81b171d

  • SSDEEP

    1572864:v9JxSm1WIacirAH8+1osuTCSxOB6xMLiIpB2qHWB75ilQhmqZ8Qry4hlDVgc:fzZRS6xjKcBa6/2qHO5iopyQry4bB

Score
10/10
pysilonevasionthemidatrojan

Malware Config

Targets

    • Target

      Solara 1.25.exe

    • Size

      71.8MB

    • MD5

      6b32177d5218d0f5158eb91bfcc54c15

    • SHA1

      19d0b30aa6fe9a5bbc9b583bbd48b70861420b4a

    • SHA256

      822b6bd963cba3c0762d3ddfa83b070c33d9b90eedba798fa5d5436aae491a19

    • SHA512

      39db07ff94dcc915f221f558f69590d32f0fae09bcd2b6d9c2ad01d2af83ef5dca5adbcb3a5d3837aad586232bec400ea8733bfd10c1fb7207017c67e81b171d

    • SSDEEP

      1572864:v9JxSm1WIacirAH8+1osuTCSxOB6xMLiIpB2qHWB75ilQhmqZ8Qry4hlDVgc:fzZRS6xjKcBa6/2qHO5iopyQry4bB

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks