Gridinsoft Logo
File Icon

Solara.exe Trojan CoinMiner Analysis

Updated 1 month ago
Checked by Malaware Check
Solara.exe

Technical Analysis

File Name Solara.exe
File Type
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
Scanner Version 1.0.212.174
Database Version 2025-04-05 02:00:38 UTC

Trojan.Win64.CoinMiner.cl

Malware family: CoinMiner

CoinMiner malware utilizes system resources including CPU and RAM for unauthorized cryptocurrency mining. It establishes persistence through startup integration and may use resource management techniques to avoid detection while mining currencies like Monero or Zcash.
N/A
Detection Rate
570,880
File Size (bytes)
2025-04-05
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
f0423f0db46a26f6882440086ac1dda7
SHA1
e1452d69d03ba12e4b30261eeaf7be249ad3ae5b
SHA256
445fdd57f58b973d5a583229b51d47da6dd99e510b44d96abb29932e994ba65a
SHA512
a31f82303c5798490483c654d3aa5c52d28ce91e82a556cffa1604a48712b05d5d4c7ae6bf438ee3689f902a284e775217500e09ce2d0539703ef980ed7a88c5

PE Analysis

Basic Information

Icon
Hash: d830161395976abbdb4c4b45fe0af66a
Fuzzy: 3b5d3c7d207e37dceeedd301e35e2e58
dHash: cc96336969698ecc
Image Base 0x140000000
Entry Point 0x140000000
Compilation Time 2071-09-12 22:50:50
Checksum 0x00000000 (Actual: 0x00093b9a)
OS Version 4.0
PEiD Signatures PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 0
Exports 0 functions
Resources 4 Resources
Sections 2 Sections

Version Information

Translation 0x0000 0x04b0
Comments Solara V3 UI
CompanyName CMD Softworks
FileDescription Solara V3
FileVersion 3.0.0.0
InternalName Solara.exe
LegalCopyright Copyright © CMD Softworks 2024
LegalTrademarks
OriginalFilename Solara.exe
ProductName Solara Scripting Utility Interface
ProductVersion 3.0.0.0
Assembly Version 1.0.0.0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00002000 560,672 bytes 561,152 bytes 6.19 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ DE76D63209AC9322A6BFCFD212965146
.rsrc 0x0008c000 8,916 bytes 9,216 bytes 4.37 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 12BFF70D7BD0572B9C2B75FE5D230CAC

Resource Analysis

Total Resources: 4 (8,606 bytes)
Resource Type Count Total Size Percentage
RT_ICON 1 4,264 bytes
49.5%
RT_GROUP_ICON 1 20 bytes
0.2%
RT_VERSION 1 916 bytes
10.6%
RT_MANIFEST 1 3,406 bytes
39.6%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Trojan.Win64.CoinMiner.cl Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win64.CoinMiner.cl without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware