General

  • Target

    Solara.exe

  • Size

    44KB

  • MD5

    cb5aa995d9843fd0f787743a2a860dec

  • SHA1

    ff1de916764d817ed1ac6dd036d5b02f1810d016

  • SHA256

    f82ebddace7d6290ddbd12051aa19e3cd1355762196936f686e26dd5e5c47b60

  • SHA512

    8c5500738e06c6701c29019a5d6bb391ae1c1e9fccbbceed0d6c44669a35450074052540ee40a100df0b9c0cc4273d618f6151c094a00538f6583f3969f03529

  • SSDEEP

    768:BFM3oVOl50FADMe/e2TJblsUUdvFFRPG9+l56OOChwvmbWp:vMK650osOevFw9+76OOC+uip

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:46867

disease-tattoo.gl.at.ply.gg:46867

Mutex

0vTMyU9SDotxIpQj

Attributes
  • Install_directory

    %AppData%

  • install_file

    svchost.exe

aes.plain
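The extracted configuration gives three indicators a responder can hunt for on endpoints: a file named svchost.exe installed under %AppData% (the real svchost.exe lives in System32/SysWOW64), outbound traffic to the tunnel hostname disease-tattoo.gl.at.ply.gg on port 46867, and the mutex 0vTMyU9SDotxIpQj. The 127.0.0.1 entry is loopback and produces no network evidence on a victim, and *.ply.gg names are rented tunnel endpoints that an operator can re-create, so hostname plus port is a more durable indicator than any single IP. The following is an added example, not part of this report or of any sandbox output: it runs these rules over a handful of constructed Sysmon-style events (process create, network connect, file create). Field names, the assumption that %AppData% expands to the default AppData\Roaming folder, and the "same port on another ply.gg host" heuristic are all assumptions made for the example; Sysmon does not log mutex creation, so that indicator is not covered here.

```python
"""Hunting rules derived from the XWorm config above, applied to constructed
Sysmon-like events. Added example; not code from the report or the sample."""
import ntpath

# Indicators copied from the extracted config in this report
C2_HOSTS = {"disease-tattoo.gl.at.ply.gg"}
C2_PORT = 46867
INSTALL_FILE = "svchost.exe"
# Assumption: %AppData% expands to the user's default Roaming folder
INSTALL_DIR_SUFFIX = r"\appdata\roaming"

# Assumption: where the genuine svchost.exe lives on a default Windows install
LEGIT_SVCHOST_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}


def split_path(path):
    """Case-insensitive (directory, filename) split using Windows path rules."""
    directory, filename = ntpath.split(path)
    return directory.lower().rstrip("\\"), filename.lower()


def masquerading_svchost(ev):
    """EventID 1: svchost.exe started from anywhere but its system directories."""
    if ev.get("id") != 1:
        return False
    directory, filename = split_path(ev["image"])
    return filename == INSTALL_FILE and directory not in LEGIT_SVCHOST_DIRS


def c2_connection(ev):
    """EventID 3: connection to the configured C2 host, or to the C2 port on any
    other *.ply.gg tunnel host (assumption: the operator may rotate the tunnel
    name but keep the port)."""
    if ev.get("id") != 3:
        return False
    host = ev.get("dst_host", "").lower()
    port = ev.get("dst_port")
    return host in C2_HOSTS or (port == C2_PORT and host.endswith(".ply.gg"))


def dropped_install_file(ev):
    """EventID 11: a file named svchost.exe written into %AppData%."""
    if ev.get("id") != 11:
        return False
    directory, filename = split_path(ev["target"])
    return filename == INSTALL_FILE and directory.endswith(INSTALL_DIR_SUFFIX)


RULES = {
    "xworm_masquerading_svchost": masquerading_svchost,
    "xworm_c2_connection": c2_connection,
    "xworm_dropped_install_file": dropped_install_file,
}


def hunt(events):
    """Return (rule_name, event_index) for every rule that fires on any event."""
    hits = []
    for index, ev in enumerate(events):
        for name, rule in RULES.items():
            if rule(ev):
                hits.append((name, index))
    return hits


# Constructed sample events (not taken from the sandbox run); Sysmon-like fields
SAMPLE_EVENTS = [
    {"id": 1, "image": r"C:\Windows\System32\svchost.exe"},
    {"id": 11, "image": r"C:\Users\victim\Desktop\Solara.exe",
     "target": r"C:\Users\victim\AppData\Roaming\svchost.exe"},
    {"id": 1, "image": r"C:\Users\victim\AppData\Roaming\svchost.exe"},
    {"id": 3, "image": r"C:\Users\victim\AppData\Roaming\svchost.exe",
     "dst_host": "disease-tattoo.gl.at.ply.gg", "dst_port": 46867},
    {"id": 3, "image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "dst_host": "example.com", "dst_port": 443},
]

if __name__ == "__main__":
    for name, index in hunt(SAMPLE_EVENTS):
        print(f"{name}: {SAMPLE_EVENTS[index]}")
```

On the constructed events the legitimate System32 svchost.exe and the Firefox connection produce no hits, while the drop into AppData\Roaming, the process started from there, and the connection to the ply.gg host each fire one rule.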

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
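The "Unsigned PE" signature is a structural check: an Authenticode signature is stored in the PE's Attribute Certificate Table, which the optional header's data directory entry 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) points to as a raw file offset and size. If that entry is zero, the file carries no signature at all. The following is an added example, not code from this report or from the sandbox: it reads that entry with a minimal hand-written PE parser, and also hashes a candidate file against the MD5/SHA1/SHA256/SHA512 values listed under General so the same script can confirm whether a file on disk is this exact sample. The constructed PE header used for the demonstration is assumed and is not the Solara.exe sample; the check only says whether a certificate table is present, not whether the signature verifies, which still requires WinVerifyTrust or an equivalent tool.

```python
"""Authenticode-presence check and IoC hash matching for a PE on disk.
Added example; not code from the report or the sample."""
import hashlib
import struct

# Hashes reported for Solara.exe in the General section above
REPORTED_HASHES = {
    "md5": "cb5aa995d9843fd0f787743a2a860dec",
    "sha1": "ff1de916764d817ed1ac6dd036d5b02f1810d016",
    "sha256": "f82ebddace7d6290ddbd12051aa19e3cd1355762196936f686e26dd5e5c47b60",
    "sha512": "8c5500738e06c6701c29019a5d6bb391ae1c1e9fccbbceed0d6c44669a35450074052540"
              "ee40a100df0b9c0cc4273d618f6151c094a00538f6583f3969f03529",
}

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory index of the certificate table


def file_hashes(data):
    """Digest the file with every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORTED_HASHES}


def matches_report(data):
    """Names of the algorithms whose digest equals the reported value."""
    return {alg for alg, h in file_hashes(data).items() if h == REPORTED_HASHES[alg]}


def security_directory(data):
    """Return (file_offset, size) of the Attribute Certificate Table, or None if
    the bytes are not a parseable PE. The security entry is a file offset,
    not an RVA, unlike the other data directory entries."""
    try:
        if data[:2] != b"MZ":
            return None
        e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
        if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            return None
        coff = e_lfanew + 4                      # 20-byte COFF header
        size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
        opt = coff + 20                          # optional header
        magic = struct.unpack_from("<H", data, opt)[0]
        if magic == 0x10B:                       # PE32
            dd_offset = opt + 96
        elif magic == 0x20B:                     # PE32+
            dd_offset = opt + 112
        else:
            return None
        num_rva = struct.unpack_from("<I", data, dd_offset - 4)[0]
        entry = dd_offset + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
        if num_rva <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_of_optional:
            return None
        return struct.unpack_from("<II", data, entry)
    except struct.error:
        return None


def has_authenticode(data):
    """True only if a non-empty certificate table lies inside the file."""
    entry = security_directory(data)
    if entry is None:
        return False
    offset, size = entry
    return offset != 0 and size != 0 and offset + size <= len(data)


def build_minimal_pe(cert=b""):
    """Constructed PE32 header (no sections) for the demonstration; only the
    fields read above are meaningful. Assumed test data, not the real sample."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x102)  # i386, 224-byte opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                    # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                      # NumberOfRvaAndSizes
    header_len = 0x40 + 4 + 20 + 224
    security = (header_len, len(cert)) if cert else (0, 0)
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + cert


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe()
    print("authenticode present:", has_authenticode(blob))
    print("matches reported hashes:", sorted(matches_report(blob)) or "none")
```

Run with a file path to triage a real sample; without one it examines the constructed unsigned header. A present certificate table still has to be validated separately, and absence of a signature is a weak indicator on its own, which is why the report scores it alongside the XWorm payload detection rather than by itself.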

Files

  • Solara.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
