Resubmissions

08-12-2024 13:21

241208-qlxsqazkck 7

08-12-2024 13:12

241208-qfk7qsyrgl 8

08-12-2024 13:05

241208-qbv65syqfq 8

08-12-2024 13:03

241208-qaeg1atrcw 8

Analysis

  • max time kernel
    93s
  • max time network
    142s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    08-12-2024 13:21

General

  • Target

    Solaraexecutor.zip

  • Size

    30.1MB

  • MD5

    5b96ce8081bb025c4ad8ae12dc91e102

  • SHA1

    8708c3a51d990a437a4fe003c1fe2bc39e2f65cb

  • SHA256

    f9e5fe3194d9734845dd782b8e41065577ed7628a112934f1a57599f8dd92209

  • SHA512

    39a5e646df49f5c45f24e6aa479dfb40302f939383fdad15d6e3d9de7819aac5a2ec5525fad46ead503fe94d97b11fa587aa0448051d78d37ee8f0f6fdaa146a

  • SSDEEP

    786432:3mA77b6IpMM1QvHzoB/h4pUfbRgo0lJBrPCLaBzR8mHl0:X/b6OMM1QvM/4p8R30lju26m6

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Solaraexecutor.zip"
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:4128

Network

MITRE ATT&CK Matrix
