Report - getsolara.dev/download/static/files/Solara.Dir.zip

Report Overview

Visited public
2025-01-21 17:17:03
Tags
URL
getsolara.dev/download/static/files/Solara.Dir.zip
Finishing URL
about:privatebrowsing
IP / ASN
104.21.93.27
#13335 CLOUDFLARENET
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
getsolara.dev	unknown	2024-08-07	2024-08-10	2025-01-20	504 B	11 MB	104.21.93.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
getsolara.dev/download/static/files/Solara.Dir.zip
IP
104.21.93.27
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
11 MB (10691857 bytes)
Hash
8cd3d5331a6cdf4ed45462cf5d1ff86d
8aaf118d60bbee44dc221551daa1a50da068b9f6
b64c17cf28141c7f8347bca842de82331b2dbc82f1c2478be5ec35e787bb3664

Archive (22)

Filename

Md5

File type

ALGA

004c19960f962c0ff4ad97be02eac77f

ASCII text, with no line terminators

DLCTBL_FRTS

dd678a9b9cdcb85f90f8a30c1d37d614

ASCII text, with very long lines (65536), with no line terminators

path.txt

d41d8cd98f00b204e9800998ecf8427e

version.txt

339094531b3e6134721dad4d2cc48bd0

ASCII text, with no line terminators

Microsoft.Web.WebView2.Core.dll

b037ca44fd19b8eedb6d5b9de3e48469

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Web.WebView2.WinForms.dll

c7000faa6c6040188c8cd8ef28b6deda

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Web.WebView2.Wpf.dll

e107c88a6fc54cc3ceb4d85768374074

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

combined.html

d6a09c9126160c34642e491784857b14

HTML document, ASCII text, with very long lines (994), with CRLF line terminators

index.html

610eb8cecd447fcf97c242720d32b6bd

HTML document, ASCII text, with very long lines (994), with CRLF line terminators

lua.js

8706d861294e09a1f2f7e63d19e5fcb7

JavaScript source, ASCII text

editor.main.css

6af9c0d237b31c1c91f7faa84b384bdf

ASCII text, with very long lines (65254)

editor.main.js

9399a8eaa741d04b0ae6566a5ebb8106

JavaScript source, Unicode text, UTF-8 text, with very long lines (25715)

editor.main.nls.js

74dd2381ddbb5af80ce28aefed3068fc

Unicode text, UTF-8 text, with very long lines (8613)

loader.js

8a3086f6c6298f986bda09080dd003b1

JavaScript source, ASCII text, with very long lines (1024)

Newtonsoft.Json.dll

195ffb7167db3219b217c4fd439eedd6

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Solara.exe

8fb32e3cdec020f3a15786f74ba6ebde

PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows, 2 sections

SolaraV3.dll

ff6072b71de278bdb1a20ec5eb04f61d

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

vcruntime140.dll

7a2b8cfcd543f6e4ebca43162b67d610

PE32+ executable (DLL) (console) x86-64, for MS Windows, 7 sections

WebView2Loader.dll

a0bd0d1a66e7c7f1d97aedecdafb933f

PE32+ executable (DLL) (console) x86-64, for MS Windows, 10 sections

Wpf.Ui.dll

aead90ab96e2853f59be27c4ec1e4853

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

zlib.dll

c5b29a2e334961e9dee00ab4726392e3

current ar archive

zlib1.dll

75365924730b0b2c1a6ee9028ef07685

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 11 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	malicious	VirusTotal - Scan result 25/67

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

getsolara.dev/download/static/files/Solara.Dir.zip

104.21.93.27

200 OK

11 MB

URL User Request GET HTTP/2
getsolara.dev/download/static/files/Solara.Dir.zip
IP
104.21.93.27:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgetsolara.dev
Fingerprint98:78:38:E1:98:39:AB:D5:B8:2C:C0:96:88:50:A1:BE:AA:C8:D6:0C
ValidityWed, 04 Dec 2024 01:22:34 GMT - Tue, 04 Mar 2025 01:22:33 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
11 MB (10691857 bytes)
Hash
8cd3d5331a6cdf4ed45462cf5d1ff86d
8aaf118d60bbee44dc221551daa1a50da068b9f6
b64c17cf28141c7f8347bca842de82331b2dbc82f1c2478be5ec35e787bb3664

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 25/67

HTTP Headers

GET /download/static/files/Solara.Dir.zip HTTP/1.1
Host: getsolara.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 21 Jan 2025 17:16:35 GMT
content-type: application/zip
content-length: 10691857
access-control-allow-origin: *
cache-control: public, max-age=120, must-revalidate
etag: "cb0a6ed7be572724e5b0d99d1f22816a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uM26CVixtnOwNsCvY%2FSiiHNGFtt4f5F7NcN3OWryNo3FsRQ1O%2Blv%2FWeeT9a%2FVv3dh7A%2F7cBfLrILNc%2FTfKoDzAnnD9855MmQJQcH8HZtxyje1O3Zc7fj0PZewFT2fCzq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 9058f3f1cd8f56bd-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5624&min_rtt=505&rtt_var=10249&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3262&recv_bytes=1267&delivery_rate=6144271&cwnd=254&unsent_bytes=0&cid=aab0a0dc3830ef45&ts=137&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (22)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers