Overview

overview

3

Static

static

boot/grub/grub.vbs

windows10-1703-x64

1

efi/boot/BOOTx64.exe

windows10-1703-x64

efi/boot/android.vbs

windows10-1703-x64

1

efi/boot/bootia32.exe

windows10-1703-x64

efi/boot/grubx64.exe

windows10-1703-x64

isolinux/chain.c32

windows10-1703-x64

3

isolinux/ldlinux.c32

windows10-1703-x64

3

isolinux/libcom32.c32

windows10-1703-x64

isolinux/libutil.c32

windows10-1703-x64

isolinux/vesamenu.c32

windows10-1703-x64

3

kernel.exe

windows10-1703-x64

Analysis

  • max time kernel
    1s
  • max time network
    69s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    07/12/2022, 00:25

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\efi\boot\grubx64.exe command="C:\Users\Admin\AppData\Local\Temp\efi\boot\grubx64.exe" wdir=C:\Users\Admin\AppData\Local\Temp\efi\boot Payload error: The %1 application cannot be run in Win32 mode.
Report Analysis Logs

General

  • Target

    efi/boot/grubx64.exe

  • Size

    1.1MB

  • MD5

    b5dcc17643cd3fe5a5a5530d410efb6c

  • SHA1

    97b31e64beccece43ae0ee4d2e61b47fc234d142

  • SHA256

    418f73a4c69b3478b53547a9f78d0696f2b70a049b8ece82d8bcff717144b8af

  • SHA512

    61f046ce87dd6fb8378a7ddb74ac9cf28d5b5e66bf4b07c19e3c538cc5dcd78b4e937e55b71e7ff58d19e478b437fd0cab3f395db18ce9d32fb7880d673a97f7

  • SSDEEP

    12288:MX64oUhqlTrE96w/GL95v+dCYm0gPRp9nGKlnHW7sx3MjURuX:MK4otlXw/GL9p/TppZThW7G3M4QX

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\efi\boot\grubx64.exe
    "C:\Users\Admin\AppData\Local\Temp\efi\boot\grubx64.exe"
    1⤵
      PID:2136

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads