bootdata[.]exe | Triage

Submit
Reports

Overview

overview

6

Static

static

1

bootdata.exe

windows7-x64

bootdata.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

bootdata.exe

Resource

win7-20230220-es

bootkit persistence

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

bootdata.exe

Resource

win10v2004-20230221-es

bootkit persistence

windows10-2004-x64

10 signatures

300 seconds

General

Target

bootdata.exe
Size

8KB
MD5

0a78174420568e5aff0b81ec0050deef
SHA1

5acead5f8cd93ad5dbf7dd3044d82f1d937aab5f
SHA256

8413c7496ca732666d112ca9d565560a8563b4a1614e8eeeeade360156604e0b
SHA512

49a0a19d2fa3dd09d822fbb46c0bf8cb55c7a2a75a997b25949b5a343586a27c0fb2113718edcf7d32643e48df6554c5e4d3ba288dd459f1f0c8d649460834e8
SSDEEP

192:EqK0Y1xMew6EjI6b08a7W2f5tgN1eo2Ypv:EqKwTk67a7W2I2Ypv

Score

1^/10

Malware Config

Signatures

Files

bootdata.exe
.exe windows x86

095c46b0acc0d625f3b3e194dfc98095

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

vcruntime140

memset

api-ms-win-crt-stdio-l1-1-0

_set_fmode

api-ms-win-crt-runtime-l1-1-0

exit

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.MPRESS1
Size: 6KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy