SolaraRoblox[.]zip | Triage

Sharing

General

Target

SolaraRoblox.zip
Size

1.9MB
MD5

1213c67a416086d0595d8c0038deaf45
SHA1

3da394761eb7a3a73f38a7052cd09f1cde6d57ee
SHA256

ea64fd3a8a64a441246edaf85234c1707542cefd1e7c6fe50d72ce907b5c43f9
SHA512

675b83dfcd46cf95a4febb793beb5b42cc05b326fb757380a8519874245d2e554b6ca32b3802cd97d134261d57c8e4a049c21ce91645f97b480706cb8e643cdb
SSDEEP

24576:mAer+dSiVD4rrvsz3de39n3POOiC2bIaAc/+z5pM7cA1CG4X/fdNPc5EeM3K0Ch:mAHF4YNe39/OOiC2Gs67X/lsFf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SolaraRoblox.exe

Files

SolaraRoblox.zip
.zip
SolaraRoblox.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\TonySoprano\Pictures\Launchers\launcher2files\obj\Release\Out\Installer_sharp.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 634.2MB - Virtual size: 634.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ