pwte_bm91-x64[.]iso

Sharing

Copy URL Twitter E-mail

General

Target

pwte_bm91-x64.iso
Size

136.7MB
MD5

79322913ce4c9f1fa0570bd35c5dbd04
SHA1

7da78bd1d16a1b58fc157440fe5e403d7119fd10
SHA256

f682cc44b61650a743052c672cc5dbfd6657c7583338daab7dbe55f6d9eea12e
SHA512

3a78b6a553993926f47464b6fd943e5a874f80f1fabf7a47df31da3dd1e0622e6e09ddec033e3dbbbfa07035382159a1d34bedb3c9467eb0468505b7a11e71f7
SSDEEP

3145728:4PQLXZFhNuADZjOyMOTETWcM1J0KyWSr2Q5L5A65UPZwZmFjlO8dYBf6o1cL0:bXZFXugyyuatC24LmYfmxUf6o2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/casper/vmlinuz.efi

Files

pwte_bm91-x64.iso
.iso
EFI/BOOT/BOOTx64.EFI
.exe windows:0 windows x64

Code Sign

33:00:00:00:10:a4:91:29:43:d9:4c:e6:2e:00:01:00:00:00:10
Certificate

Issuer

CN=Microsoft Corporation UEFI CA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:02

Not After

01/01/2016, 18:02

Subject

CN=Microsoft Windows UEFI Driver Publisher,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:08:d3:c4:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Corporation Third Party Marketplace Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/06/2011, 21:22

Not After

27/06/2026, 21:32

Subject

CN=Microsoft Corporation UEFI CA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

99:59:ed:4e:05:e5:48:b5:9f:21:93:08:a4:55:63:ea:85:bb:22:4c:1a:d9:6d:ec:0e:96:c0:e7:1f:fc:cd:81
Signer

Actual PE Digest

99:59:ed:4e:05:e5:48:b5:9f:21:93:08:a4:55:63:ea:85:bb:22:4c:1a:d9:6d:ec:0e:96:c0:e7:1f:fc:cd:81

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

/4
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 631KB - Virtual size: 631KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dynamic
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rela
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dynsym
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EFI/BOOT/grubx64.efi
.exe windows:0 windows x64

Code Sign

01
Certificate

Issuer

CN=Canonical Ltd. Master Certificate Authority,O=Canonical Ltd.,L=Douglas,ST=Isle of Man,C=GB

Not Before

12/04/2012, 11:39

Not After

11/04/2042, 11:39

Subject

CN=Canonical Ltd. Secure Boot Signing,OU=Secure Boot,O=Canonical Ltd.,ST=Isle of Man,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

d8:63:b1:66:6b:73:6b:2a:f5:ec:24:a0:ed:0e:04:cc:cd:d8:51:d5:9f:7f:7e:c4:51:9f:a6:e8:ba:16:c0:e7
Signer

Actual PE Digest

d8:63:b1:66:6b:73:6b:2a:f5:ec:24:a0:ed:0e:04:cc:cd:d8:51:d5:9f:7f:7e:c4:51:9f:a6:e8:ba:16:c0:e7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mods
Size: 868KB - Virtual size: 868KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[BOOT]/1-Boot-NoEmul.img
[BOOT]/2-Boot-NoEmul.img
boot/grub/efi.img
boot/grub/font.pf2
boot/grub/grub.cfg
.vbs
boot/grub/loopback.cfg
boot/grub/splash.png
.png
boot/grub/theme.cfg
boot/grub/x86_64-efi/acpi.mod
.elf linux x64
boot/grub/x86_64-efi/adler32.mod
.elf linux x64
boot/grub/x86_64-efi/ahci.mod
.elf linux x64
boot/grub/x86_64-efi/all_video.mod
.elf linux x64
boot/grub/x86_64-efi/aout.mod
.elf linux x64
boot/grub/x86_64-efi/appleldr.mod
.elf linux x64
boot/grub/x86_64-efi/archelp.mod
.elf linux x64
boot/grub/x86_64-efi/at_keyboard.mod
.elf linux x64
boot/grub/x86_64-efi/ata.mod
.elf linux x64
boot/grub/x86_64-efi/backtrace.mod
.elf linux x64
boot/grub/x86_64-efi/bfs.mod
.elf linux x64
boot/grub/x86_64-efi/bitmap.mod
.elf linux x64
boot/grub/x86_64-efi/bitmap_scale.mod
.elf linux x64
boot/grub/x86_64-efi/blocklist.mod
.elf linux x64
boot/grub/x86_64-efi/boot.mod
.elf linux x64
boot/grub/x86_64-efi/bsd.mod
.elf linux x64
boot/grub/x86_64-efi/btrfs.mod
.elf linux x64
boot/grub/x86_64-efi/bufio.mod
.elf linux x64
boot/grub/x86_64-efi/cat.mod
.elf linux x64
boot/grub/x86_64-efi/cbfs.mod
.elf linux x64
boot/grub/x86_64-efi/cbls.mod
.elf linux x64
boot/grub/x86_64-efi/cbmemc.mod
.elf linux x64
boot/grub/x86_64-efi/cbtable.mod
.elf linux x64
boot/grub/x86_64-efi/cbtime.mod
.elf linux x64
boot/grub/x86_64-efi/chain.mod
.elf linux x64
boot/grub/x86_64-efi/cmdline_cat_test.mod
.elf linux x64
boot/grub/x86_64-efi/cmp.mod
.elf linux x64
boot/grub/x86_64-efi/command.lst
boot/grub/x86_64-efi/cpio.mod
.elf linux x64
boot/grub/x86_64-efi/cpio_be.mod
.elf linux x64
boot/grub/x86_64-efi/cpuid.mod
.elf linux x64
boot/grub/x86_64-efi/crc64.mod
.elf linux x64
boot/grub/x86_64-efi/crypto.lst
boot/grub/x86_64-efi/crypto.mod
.elf linux x64
boot/grub/x86_64-efi/cryptodisk.mod
.elf linux x64
boot/grub/x86_64-efi/cs5536.mod
.elf linux x64
boot/grub/x86_64-efi/date.mod
.elf linux x64
boot/grub/x86_64-efi/datehook.mod
.elf linux x64
boot/grub/x86_64-efi/datetime.mod
.elf linux x64
boot/grub/x86_64-efi/disk.mod
.elf linux x64
boot/grub/x86_64-efi/diskfilter.mod
.elf linux x64
boot/grub/x86_64-efi/div_test.mod
.elf linux x64
boot/grub/x86_64-efi/dm_nv.mod
.elf linux x64
boot/grub/x86_64-efi/echo.mod
.elf linux x64
boot/grub/x86_64-efi/efi_gop.mod
.elf linux x64
boot/grub/x86_64-efi/efi_uga.mod
.elf linux x64
boot/grub/x86_64-efi/efifwsetup.mod
.elf linux x64
boot/grub/x86_64-efi/efinet.mod
.elf linux x64
boot/grub/x86_64-efi/ehci.mod
.elf linux x64
boot/grub/x86_64-efi/elf.mod
.elf linux x64
boot/grub/x86_64-efi/eval.mod
.elf linux x64
boot/grub/x86_64-efi/exfat.mod
.elf linux x64
boot/grub/x86_64-efi/exfctest.mod
.elf linux x64
boot/grub/x86_64-efi/ext2.mod
.elf linux x64
boot/grub/x86_64-efi/fat.mod
.elf linux x64
boot/grub/x86_64-efi/file.mod
.elf linux x64
boot/grub/x86_64-efi/fixvideo.mod
.elf linux x64
boot/grub/x86_64-efi/font.mod
.elf linux x64
boot/grub/x86_64-efi/fs.lst
boot/grub/x86_64-efi/gcry_arcfour.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_blowfish.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_camellia.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_cast5.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_crc.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_des.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_dsa.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_idea.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_md4.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_md5.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_rfc2268.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_rijndael.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_rmd160.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_rsa.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_seed.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_serpent.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_sha1.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_sha256.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_sha512.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_tiger.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_twofish.mod
.elf linux x64
boot/grub/x86_64-efi/gcry_whirlpool.mod
.elf linux x64
boot/grub/x86_64-efi/geli.mod
.elf linux x64
boot/grub/x86_64-efi/gettext.mod
.elf linux x64
boot/grub/x86_64-efi/gfxmenu.mod
.elf linux x64
boot/grub/x86_64-efi/gfxterm.mod
.elf linux x64
boot/grub/x86_64-efi/gfxterm_background.mod
.elf linux x64
boot/grub/x86_64-efi/gfxterm_menu.mod
.elf linux x64
boot/grub/x86_64-efi/gptsync.mod
.elf linux x64
boot/grub/x86_64-efi/grub.cfg
boot/grub/x86_64-efi/gzio.mod
.elf linux x64
boot/grub/x86_64-efi/halt.mod
.elf linux x64
boot/grub/x86_64-efi/hashsum.mod
.elf linux x64
boot/grub/x86_64-efi/hdparm.mod
.elf linux x64
boot/grub/x86_64-efi/help.mod
.elf linux x64
boot/grub/x86_64-efi/hexdump.mod
.elf linux x64
boot/grub/x86_64-efi/hfs.mod
.elf linux x64
boot/grub/x86_64-efi/hfsplus.mod
.elf linux x64
boot/grub/x86_64-efi/hfspluscomp.mod
.elf linux x64
boot/grub/x86_64-efi/http.mod
.elf linux x64
boot/grub/x86_64-efi/iorw.mod
.elf linux x64
boot/grub/x86_64-efi/jfs.mod
.elf linux x64
boot/grub/x86_64-efi/jpeg.mod
.elf linux x64
boot/grub/x86_64-efi/keylayouts.mod
.elf linux x64
boot/grub/x86_64-efi/keystatus.mod
.elf linux x64
boot/grub/x86_64-efi/ldm.mod
.elf linux x64
boot/grub/x86_64-efi/legacy_password_test.mod
.elf linux x64
boot/grub/x86_64-efi/legacycfg.mod
.elf linux x64
boot/grub/x86_64-efi/linux.mod
.elf linux x64
boot/grub/x86_64-efi/linux16.mod
.elf linux x64
boot/grub/x86_64-efi/linuxefi.mod
.elf linux x64
boot/grub/x86_64-efi/loadbios.mod
.elf linux x64
boot/grub/x86_64-efi/loadenv.mod
.elf linux x64
boot/grub/x86_64-efi/loopback.mod
.elf linux x64
boot/grub/x86_64-efi/ls.mod
.elf linux x64
boot/grub/x86_64-efi/lsacpi.mod
.elf linux x64
boot/grub/x86_64-efi/lsefi.mod
.elf linux x64
boot/grub/x86_64-efi/lsefimmap.mod
.elf linux x64
boot/grub/x86_64-efi/lsefisystab.mod
.elf linux x64
boot/grub/x86_64-efi/lsmmap.mod
.elf linux x64
boot/grub/x86_64-efi/lspci.mod
.elf linux x64
boot/grub/x86_64-efi/lssal.mod
.elf linux x64
boot/grub/x86_64-efi/luks.mod
.elf linux x64
boot/grub/x86_64-efi/lvm.mod
.elf linux x64
boot/grub/x86_64-efi/lzopio.mod
.elf linux x64
boot/grub/x86_64-efi/macbless.mod
.elf linux x64
boot/grub/x86_64-efi/macho.mod
.elf linux x64
boot/grub/x86_64-efi/mdraid09.mod
.elf linux x64
boot/grub/x86_64-efi/mdraid09_be.mod
.elf linux x64
boot/grub/x86_64-efi/mdraid1x.mod
.elf linux x64
boot/grub/x86_64-efi/memrw.mod
.elf linux x64
boot/grub/x86_64-efi/minicmd.mod
.elf linux x64
boot/grub/x86_64-efi/minix2.mod
.elf linux x64
boot/grub/x86_64-efi/minix2_be.mod
.elf linux x64
boot/grub/x86_64-efi/minix3.mod
.elf linux x64
boot/grub/x86_64-efi/minix3_be.mod
.elf linux x64
boot/grub/x86_64-efi/minix_be.mod
.elf linux x64
boot/grub/x86_64-efi/mmap.mod
.elf linux x64
boot/grub/x86_64-efi/moddep.lst
boot/grub/x86_64-efi/morse.mod
.elf linux x64
boot/grub/x86_64-efi/mpi.mod
.elf linux x64
boot/grub/x86_64-efi/msdospart.mod
.elf linux x64
boot/grub/x86_64-efi/multiboot.mod
.elf linux x64
boot/grub/x86_64-efi/multiboot2.mod
.elf linux x64
boot/grub/x86_64-efi/nativedisk.mod
.elf linux x64
boot/grub/x86_64-efi/net.mod
.elf linux x64
boot/grub/x86_64-efi/newc.mod
.elf linux x64
boot/grub/x86_64-efi/ntfs.mod
.elf linux x64
boot/grub/x86_64-efi/ntfscomp.mod
.elf linux x64
boot/grub/x86_64-efi/odc.mod
.elf linux x64
boot/grub/x86_64-efi/offsetio.mod
.elf linux x64
boot/grub/x86_64-efi/ohci.mod
.elf linux x64
boot/grub/x86_64-efi/part_acorn.mod
.elf linux x64
boot/grub/x86_64-efi/part_amiga.mod
.elf linux x64
boot/grub/x86_64-efi/part_apple.mod
.elf linux x64
boot/grub/x86_64-efi/part_bsd.mod
.elf linux x64
boot/grub/x86_64-efi/part_dfly.mod
.elf linux x64
boot/grub/x86_64-efi/part_dvh.mod
.elf linux x64
boot/grub/x86_64-efi/part_gpt.mod
.elf linux x64
boot/grub/x86_64-efi/part_msdos.mod
.elf linux x64
boot/grub/x86_64-efi/part_plan.mod
.elf linux x64
boot/grub/x86_64-efi/part_sun.mod
.elf linux x64
boot/grub/x86_64-efi/part_sunpc.mod
.elf linux x64
boot/grub/x86_64-efi/partmap.lst
boot/grub/x86_64-efi/parttool.lst
boot/grub/x86_64-efi/parttool.mod
.elf linux x64
boot/grub/x86_64-efi/password.mod
.elf linux x64
boot/grub/x86_64-efi/password_pbkdf2.mod
.elf linux x64
boot/grub/x86_64-efi/pata.mod
.elf linux x64
boot/grub/x86_64-efi/pbkdf2.mod
.elf linux x64
boot/grub/x86_64-efi/pbkdf2_test.mod
.elf linux x64
boot/grub/x86_64-efi/pcidump.mod
.elf linux x64
boot/grub/x86_64-efi/play.mod
.elf linux x64
boot/grub/x86_64-efi/png.mod
.elf linux x64
boot/grub/x86_64-efi/priority_queue.mod
.elf linux x64
boot/grub/x86_64-efi/probe.mod
.elf linux x64
boot/grub/x86_64-efi/procfs.mod
.elf linux x64
boot/grub/x86_64-efi/progress.mod
.elf linux x64
boot/grub/x86_64-efi/raid5rec.mod
.elf linux x64
boot/grub/x86_64-efi/raid6rec.mod
.elf linux x64
boot/grub/x86_64-efi/read.mod
.elf linux x64
boot/grub/x86_64-efi/reboot.mod
.elf linux x64
boot/grub/x86_64-efi/regexp.mod
.elf linux x64
boot/grub/x86_64-efi/reiserfs.mod
.elf linux x64
boot/grub/x86_64-efi/relocator.mod
.elf linux x64
boot/grub/x86_64-efi/romfs.mod
.elf linux x64
boot/grub/x86_64-efi/scsi.mod
.elf linux x64
boot/grub/x86_64-efi/serial.mod
.elf linux x64
boot/grub/x86_64-efi/setjmp.mod
.elf linux x64
boot/grub/x86_64-efi/setjmp_test.mod
.elf linux x64
boot/grub/x86_64-efi/setpci.mod
.elf linux x64
boot/grub/x86_64-efi/signature_test.mod
.elf linux x64
boot/grub/x86_64-efi/sleep.mod
.elf linux x64
boot/grub/x86_64-efi/sleep_test.mod
.elf linux x64
boot/grub/x86_64-efi/spkmodem.mod
.elf linux x64
boot/grub/x86_64-efi/squash4.mod
.elf linux x64
boot/grub/x86_64-efi/syslinuxcfg.mod
.elf linux x64
boot/grub/x86_64-efi/terminal.lst
boot/grub/x86_64-efi/terminal.mod
.elf linux x64
boot/grub/x86_64-efi/terminfo.mod
.elf linux x64
boot/grub/x86_64-efi/test.mod
.elf linux x64
boot/grub/x86_64-efi/test_blockarg.mod
.elf linux x64
boot/grub/x86_64-efi/testload.mod
.elf linux x64
boot/grub/x86_64-efi/testspeed.mod
.elf linux x64
boot/grub/x86_64-efi/tftp.mod
.elf linux x64
boot/grub/x86_64-efi/tga.mod
.elf linux x64
boot/grub/x86_64-efi/time.mod
.elf linux x64
boot/grub/x86_64-efi/tr.mod
.elf linux x64
boot/grub/x86_64-efi/trig.mod
.elf linux x64
boot/grub/x86_64-efi/true.mod
.elf linux x64
boot/grub/x86_64-efi/udf.mod
.elf linux x64
boot/grub/x86_64-efi/ufs1.mod
.elf linux x64
boot/grub/x86_64-efi/ufs1_be.mod
.elf linux x64
boot/grub/x86_64-efi/ufs2.mod
.elf linux x64
boot/grub/x86_64-efi/uhci.mod
.elf linux x64
boot/grub/x86_64-efi/usb.mod
.elf linux x64
boot/grub/x86_64-efi/usb_keyboard.mod
.elf linux x64
boot/grub/x86_64-efi/usbms.mod
.elf linux x64
boot/grub/x86_64-efi/usbserial_common.mod
.elf linux x64
boot/grub/x86_64-efi/usbserial_ftdi.mod
.elf linux x64
boot/grub/x86_64-efi/usbserial_pl2303.mod
.elf linux x64
boot/grub/x86_64-efi/usbserial_usbdebug.mod
.elf linux x64
boot/grub/x86_64-efi/usbtest.mod
.elf linux x64
boot/grub/x86_64-efi/verify.mod
.elf linux x64
boot/grub/x86_64-efi/video.lst
boot/grub/x86_64-efi/video.mod
.elf linux x64
boot/grub/x86_64-efi/video_bochs.mod
.elf linux x64
boot/grub/x86_64-efi/video_cirrus.mod
.elf linux x64
boot/grub/x86_64-efi/video_colors.mod
.elf linux x64
boot/grub/x86_64-efi/video_fb.mod
.elf linux x64
boot/grub/x86_64-efi/videoinfo.mod
.elf linux x64
boot/grub/x86_64-efi/videotest.mod
.elf linux x64
boot/grub/x86_64-efi/videotest_checksum.mod
.elf linux x64
boot/grub/x86_64-efi/xfs.mod
.elf linux x64
boot/grub/x86_64-efi/xnu.mod
.elf linux x64
boot/grub/x86_64-efi/xnu_uuid.mod
.elf linux x64
boot/grub/x86_64-efi/xnu_uuid_test.mod
.elf linux x64
boot/grub/x86_64-efi/xzio.mod
.elf linux x64
boot/grub/x86_64-efi/zfscrypt.mod
.elf linux x64
boot/isolinux/SPLASH.JPG
.png
boot/isolinux/VESAMENU.C32
boot/isolinux/boot.cat
boot/isolinux/isolinux.bin
boot/isolinux/isolinux.cfg
casper/memtest
casper/tinycore.gz
.gz
casper/vmlinuz.efi
.exe windows:6 windows x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

��d
Size: 17KB - Virtual size:

IMAGE_SCN_CNT_CODE

Size: 19.9MB - Virtual size:

Size: - Virtual size:

Size: - Virtual size:

Sharing

General

Malware Config

Signatures

Files

Code Sign

33:00:00:00:10:a4:91:29:43:d9:4c:e6:2e:00:01:00:00:00:10Certificate

Extended Key Usages

61:08:d3:c4:00:00:00:00:00:04Certificate

Key Usages

99:59:ed:4e:05:e5:48:b5:9f:21:93:08:a4:55:63:ea:85:bb:22:4c:1a:d9:6d:ec:0e:96:c0:e7:1f:fc:cd:81Signer

Headers

File Characteristics

Sections

/4 Size: 88KB - Virtual size: 88KB

.text Size: 631KB - Virtual size: 631KB

.reloc Size: 512B - Virtual size: 10B

.data Size: 176KB - Virtual size: 176KB

/14 Size: 1KB - Virtual size: 1KB

.dynamic Size: 512B - Virtual size: 240B

.rela Size: 165KB - Virtual size: 165KB

.dynsym Size: 57KB - Virtual size: 57KB

Code Sign

01Certificate

Extended Key Usages

d8:63:b1:66:6b:73:6b:2a:f5:ec:24:a0:ed:0e:04:cc:cd:d8:51:d5:9f:7f:7e:c4:51:9f:a6:e8:ba:16:c0:e7Signer

Headers

File Characteristics

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 59KB - Virtual size: 59KB

mods Size: 868KB - Virtual size: 868KB

.reloc Size: 3KB - Virtual size: 3KB

Headers

File Characteristics

Sections

��d Size: 17KB - Virtual size:

Size: 19.9MB - Virtual size:

Size: - Virtual size:

Size: - Virtual size:

33:00:00:00:10:a4:91:29:43:d9:4c:e6:2e:00:01:00:00:00:10
Certificate

61:08:d3:c4:00:00:00:00:00:04
Certificate

99:59:ed:4e:05:e5:48:b5:9f:21:93:08:a4:55:63:ea:85:bb:22:4c:1a:d9:6d:ec:0e:96:c0:e7:1f:fc:cd:81
Signer

/4
Size: 88KB - Virtual size: 88KB

.text
Size: 631KB - Virtual size: 631KB

.reloc
Size: 512B - Virtual size: 10B

.data
Size: 176KB - Virtual size: 176KB

/14
Size: 1KB - Virtual size: 1KB

.dynamic
Size: 512B - Virtual size: 240B

.rela
Size: 165KB - Virtual size: 165KB

.dynsym
Size: 57KB - Virtual size: 57KB

01
Certificate

d8:63:b1:66:6b:73:6b:2a:f5:ec:24:a0:ed:0e:04:cc:cd:d8:51:d5:9f:7f:7e:c4:51:9f:a6:e8:ba:16:c0:e7
Signer

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 59KB - Virtual size: 59KB

mods
Size: 868KB - Virtual size: 868KB

.reloc
Size: 3KB - Virtual size: 3KB

��d
Size: 17KB - Virtual size: