9de052d7b835e0b896644c23c696c5d31c78b6d5f5366ab46b9b368f18106e0c | Triage

Resubmissions

04/01/2025, 22:11

250104-13x5xssjap 6

04/01/2025, 22:06

250104-11dcqs1raj 10

Sharing

General

Target

Solara.zip
Size

504KB
Sample

250104-13x5xssjap
MD5

fae457873d9a7a2d6b43ecde4d6052fb
SHA1

484cb23eccea31a7cf27bfaaf1c18a38c2c7e48e
SHA256

9de052d7b835e0b896644c23c696c5d31c78b6d5f5366ab46b9b368f18106e0c
SHA512

44dc52cc1f7efdf789f5dc87d107c7637279c8b54429c2da4f2bd87e2a077d9c5b9331fcbd11b4aef622e609f1421388297df2978ed1a22e116262f46131939a
SSDEEP

12288:Gp+PYp9k7GljQzhHWPHIdL4nAOhdnsqjhcoh/uzD9wl1Nd+u3w:TPhHbMAOhF16z9wl1Nd+ug

Score

6^/10

discovery execution

Malware Config

Targets

- Target
  
  Launcher.bat
- Size
  
  2KB
- MD5
  
  a8883d531fc8b94f0ce002b1bc607d1d
- SHA1
  
  7f52ffa1e9fab82955dfe3cbb04714b85a4990ac
- SHA256
  
  cc5480ea61441b4112dfbbb04402e91b0abb7d64ca4461b5c8a46b063bb33e9e
- SHA512
  
  789d3a4161d1ea4d72dd2c9c56fb8b135bc5d613c69e328aeef0c4e1fdd9191dc89f2d819d925e7878baef282120a3c481cffc762ba923a925eeea21da0a62f6
Score

6^/10

discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  config.txt
- Size
  
  220KB
- MD5
  
  96c673c9e9dedefec5fd5e27284e4f29
- SHA1
  
  1b5865f8998749a1fd61f62e6357d19dedcc9a2c
- SHA256
  
  d92b9e01e24935e1cc6144734c0b39379edef1e3c06aedbd547dc304e7334d77
- SHA512
  
  4ac805e8528f1003911960ce317150d186022a30dc31c479a54e1f6adbbf9cbce882da4b46f8cf0991c9e07fb4239f970d07c1538e4d16c79b560b5b272e5b83
- SSDEEP
  
  3072:ubmjIIxdmqlnRf1/QyZs2WWwjojiS06SK9J8Iq8jltsBo0FXnihq/+43j:uBCdFllFLsSok9Jg4lutNb+4T
Score

3^/10

execution
behavioral2
- Target
  
  lua.exe
- Size
  
  89KB
- MD5
  
  dd98a43cb27efd5bcc29efb23fdd6ca5
- SHA1
  
  38f621f3f0df5764938015b56ecfa54948dde8f5
- SHA256
  
  1cf20b8449ea84c684822a5e8ab3672213072db8267061537d1ce4ec2c30c42a
- SHA512
  
  871a2079892b1eb54cb761aebd500ac8da96489c3071c32a3dab00200f74f4e12b9ab6c62623c53aea5b8be3fc031fb1b3e628ffe15d73323d917083240742b0
- SSDEEP
  
  1536:Ee7h7q/J6K3nHC+AGUob2f0DBFPbPWNPWp350NHcHkDsWqxcd2ZPSAv:Ee7oU8HC+AGUu2abPbPWQpO8E0A2tSAv
Score

3^/10

discovery
behavioral3
- Target
  
  lua51.dll
- Size
  
  592KB
- MD5
  
  3dff7448b43fcfb4dc65e0040b0ffb88
- SHA1
  
  583cdab08519d99f49234965ffd07688ccf52c56
- SHA256
  
  ff976f6e965e3793e278fa9bf5e80b9b226a0b3932b9da764bffc8e41e6cdb60
- SHA512
  
  cdcbe0ec9ddd6b605161e3c30ce3de721f1333fce85985e88928086b1578435dc67373c3dc3492ed8eae0d63987cac633aa4099b205989dcbb91cbbfc8f6a394
- SSDEEP
  
  12288:rs7/mj/73RaLHIW5BmUeUhoE4RgiF1q1bPIBKsg4Db0S:rc/u/7IoRnUKfq1Dl4DY
Score

3^/10

discovery
behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4