android-x86-9[.]0-r2[.]iso

Sharing

Copy URL Twitter E-mail

General

Target

android-x86-9.0-r2.iso
Size

726.0MB
MD5

a58dd3e12385f368edee978f8ce20a03
SHA1

d72bbd11c1bedbe99f50da54731c6a83b41becb0
SHA256

91cedb534ba095a0c9b3eceede4147967fd27beea9bba640776f787dc3555021
SHA512

448bb5521a31d6fa70cf508b0e9e8e43f9d4b8e9e2bda4752c56a9c37bce536e29dca37b99a75346527582866a73915842c8b71233651dacdfd0f0755d2d1878
SSDEEP

12582912:sGep5uc8899Qs6da/qlVvU1FG9y8f40iMBXIeufu1ZLop39d22zJdx1LVMLwmxNL:Dq88z4WoVviM9y8fiMBXIOc39Q2zJNL4

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/efi/boot/bootia32.efi
unpack001/kernel

Files

android-x86-9.0-r2.iso
.iso .dmg macos
.disk/TRANS.TBL
.disk/info
TRANS.TBL
[BOOT]/1-Boot-NoEmul.img
[BOOT]/2-Boot-NoEmul.img
boot/TRANS.TBL
boot/grub/TRANS.TBL
boot/grub/efi.img
boot/grub/fonts/DejaVuSansMono-18.pf2
boot/grub/fonts/TRANS.TBL
boot/grub/grub.cfg
.vbs
boot/grub/theme/TRANS.TBL
boot/grub/theme/android-x86.png
.png
boot/grub/theme/icons/TRANS.TBL
boot/grub/theme/icons/android-x86.png
.png
boot/grub/theme/icons/android.png
.png
boot/grub/theme/icons/arch.png
.png
boot/grub/theme/icons/centos.png
.png
boot/grub/theme/icons/debian.png
.png
boot/grub/theme/icons/fedora.png
.png
boot/grub/theme/icons/forward.png
.png
boot/grub/theme/icons/frugalware.png
.png
boot/grub/theme/icons/gentoo.png
.png
boot/grub/theme/icons/gnu-linux.png
.png
boot/grub/theme/icons/kubuntu.png
.png
boot/grub/theme/icons/linuxmint.png
.png
boot/grub/theme/icons/mageia.png
.png
boot/grub/theme/icons/mandriva.png
.png
boot/grub/theme/icons/opensuse.png
.png
boot/grub/theme/icons/openthos.png
.png
boot/grub/theme/icons/os.png
.png
boot/grub/theme/icons/reboot.png
.png
boot/grub/theme/icons/sabayon.png
.png
boot/grub/theme/icons/setup.png
.png
boot/grub/theme/icons/shutdown.png
.png
boot/grub/theme/icons/slackware.png
.png
boot/grub/theme/icons/theme.png
.png
boot/grub/theme/icons/ubuntu.png
.png
boot/grub/theme/icons/windows.png
.png
boot/grub/theme/menu_bkg_c.png
.png
boot/grub/theme/menu_bkg_e.png
.png
boot/grub/theme/menu_bkg_n.png
.png
boot/grub/theme/menu_bkg_ne.png
.png
boot/grub/theme/menu_bkg_nw.png
.png
boot/grub/theme/menu_bkg_s.png
.png
boot/grub/theme/menu_bkg_se.png
.png
boot/grub/theme/menu_bkg_sw.png
.png
boot/grub/theme/menu_bkg_w.png
.png
boot/grub/theme/progress_bar_c.png
.png
boot/grub/theme/progress_bar_e.png
.png
boot/grub/theme/progress_bar_n.png
.png
boot/grub/theme/progress_bar_ne.png
.png
boot/grub/theme/progress_bar_nw.png
.png
boot/grub/theme/progress_bar_s.png
.png
boot/grub/theme/progress_bar_se.png
.png
boot/grub/theme/progress_bar_sw.png
.png
boot/grub/theme/progress_bar_w.png
.png
boot/grub/theme/progress_highlight_c.png
.png
boot/grub/theme/progress_highlight_e.png
.png
boot/grub/theme/progress_highlight_w.png
.png
boot/grub/theme/sb_frame_c.png
.png
boot/grub/theme/sb_frame_n.png
.png
boot/grub/theme/sb_frame_s.png
.png
boot/grub/theme/sb_thumb_c.png
.png
boot/grub/theme/sb_thumb_n.png
.png
boot/grub/theme/sb_thumb_s.png
.png
boot/grub/theme/select_bkg_c.png
.png
boot/grub/theme/select_bkg_e.png
.png
boot/grub/theme/select_bkg_n.png
.png
boot/grub/theme/select_bkg_ne.png
.png
boot/grub/theme/select_bkg_nw.png
.png
boot/grub/theme/select_bkg_s.png
.png
boot/grub/theme/select_bkg_se.png
.png
boot/grub/theme/select_bkg_sw.png
.png
boot/grub/theme/select_bkg_w.png
.png
boot/grub/theme/theme.txt
efi/TRANS.TBL
efi/boot/BOOTx64.EFI
.exe windows:0 windows x64 arch:x64

Code Sign

33:00:00:00:24:c1:fb:0e:65:d9:74:73:86:00:01:00:00:00:24
Certificate

Issuer

CN=Microsoft Corporation UEFI CA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/08/2017, 20:20

Not After

11/08/2018, 20:20

Subject

CN=Microsoft Windows UEFI Driver Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:08:d3:c4:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Corporation Third Party Marketplace Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/06/2011, 21:22

Not After

27/06/2026, 21:32

Subject

CN=Microsoft Corporation UEFI CA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5b:89:f1:aa:24:35:a0:3d:18:d9:b2:03:d1:7f:b4:fb:a4:f8:f5:07:6c:f1:f9:b8:d6:d9:b8:26:22:22:35:c1
Signer

Actual PE Digest

5b:89:f1:aa:24:35:a0:3d:18:d9:b2:03:d1:7f:b4:fb:a4:f8:f5:07:6c:f1:f9:b8:d6:d9:b8:26:22:22:35:c1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

/4
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 596KB - Virtual size: 595KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 210B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/26
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dynamic
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rela
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dynsym
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
efi/boot/TRANS.TBL
efi/boot/android.cfg
.vbs
efi/boot/bootia32.efi
.exe windows:0 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mods
Size: 577KB - Virtual size: 577KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
efi/boot/grubx64.efi
.exe windows:0 windows x64 arch:x64

Code Sign

01
Certificate

Issuer

CN=Canonical Ltd. Master Certificate Authority,O=Canonical Ltd.,L=Douglas,ST=Isle of Man,C=GB

Not Before

12/04/2012, 11:39

Not After

11/04/2042, 11:39

Subject

CN=Canonical Ltd. Secure Boot Signing,OU=Secure Boot,O=Canonical Ltd.,ST=Isle of Man,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

2b:91:f9:95:75:e3:52:8e:ee:98:4a:e2:e2:38:fd:52:97:a7:8d:13:07:2c:26:56:c6:a5:49:2c:ee:32:4f:a1
Signer

Actual PE Digest

2b:91:f9:95:75:e3:52:8e:ee:98:4a:e2:e2:38:fd:52:97:a7:8d:13:07:2c:26:56:c6:a5:49:2c:ee:32:4f:a1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mods
Size: 1014KB - Virtual size: 1014KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
initrd.img
.gz
initrd.img
install.img
.gz
install.img
isolinux/TRANS.TBL
isolinux/android-x86.png
.png
isolinux/boot.cat
isolinux/chain.c32
.elf linux x86
isolinux/isolinux.bin
isolinux/isolinux.cfg
isolinux/ldlinux.c32
.elf linux x86
isolinux/libcom32.c32
.elf linux x86
isolinux/libutil.c32
.elf linux x86
isolinux/vesamenu.c32
.elf linux x86
kernel
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

�b
Size: 16KB - Virtual size:

IMAGE_SCN_CNT_CODE

Size: 13.3MB - Virtual size:

Size: - Virtual size:

Size: - Virtual size:
ramdisk.img
.gz
ramdisk.img
system.sfs

Sharing

General

Malware Config

Signatures

Files

Code Sign

33:00:00:00:24:c1:fb:0e:65:d9:74:73:86:00:01:00:00:00:24Certificate

Extended Key Usages

61:08:d3:c4:00:00:00:00:00:04Certificate

Key Usages

5b:89:f1:aa:24:35:a0:3d:18:d9:b2:03:d1:7f:b4:fb:a4:f8:f5:07:6c:f1:f9:b8:d6:d9:b8:26:22:22:35:c1Signer

Headers

File Characteristics

Sections

/4 Size: 98KB - Virtual size: 97KB

.text Size: 596KB - Virtual size: 595KB

.reloc Size: 512B - Virtual size: 10B

/14 Size: 512B - Virtual size: 210B

.data Size: 170KB - Virtual size: 169KB

/26 Size: 1KB - Virtual size: 1KB

.dynamic Size: 512B - Virtual size: 256B

.rela Size: 108KB - Virtual size: 107KB

.dynsym Size: 59KB - Virtual size: 59KB

Headers

File Characteristics

Sections

.text Size: 32KB - Virtual size: 32KB

.data Size: 39KB - Virtual size: 39KB

mods Size: 577KB - Virtual size: 577KB

.reloc Size: 2KB - Virtual size: 2KB

Code Sign

01Certificate

Extended Key Usages

2b:91:f9:95:75:e3:52:8e:ee:98:4a:e2:e2:38:fd:52:97:a7:8d:13:07:2c:26:56:c6:a5:49:2c:ee:32:4f:a1Signer

Headers

File Characteristics

Sections

.text Size: 39KB - Virtual size: 39KB

.data Size: 60KB - Virtual size: 60KB

mods Size: 1014KB - Virtual size: 1014KB

.reloc Size: 3KB - Virtual size: 3KB

Headers

File Characteristics

Sections

 �b Size: 16KB - Virtual size:

Size: 13.3MB - Virtual size:

Size: - Virtual size:

Size: - Virtual size:

33:00:00:00:24:c1:fb:0e:65:d9:74:73:86:00:01:00:00:00:24
Certificate

61:08:d3:c4:00:00:00:00:00:04
Certificate

5b:89:f1:aa:24:35:a0:3d:18:d9:b2:03:d1:7f:b4:fb:a4:f8:f5:07:6c:f1:f9:b8:d6:d9:b8:26:22:22:35:c1
Signer

/4
Size: 98KB - Virtual size: 97KB

.text
Size: 596KB - Virtual size: 595KB

.reloc
Size: 512B - Virtual size: 10B

/14
Size: 512B - Virtual size: 210B

.data
Size: 170KB - Virtual size: 169KB

/26
Size: 1KB - Virtual size: 1KB

.dynamic
Size: 512B - Virtual size: 256B

.rela
Size: 108KB - Virtual size: 107KB

.dynsym
Size: 59KB - Virtual size: 59KB

.text
Size: 32KB - Virtual size: 32KB

.data
Size: 39KB - Virtual size: 39KB

mods
Size: 577KB - Virtual size: 577KB

.reloc
Size: 2KB - Virtual size: 2KB

01
Certificate

2b:91:f9:95:75:e3:52:8e:ee:98:4a:e2:e2:38:fd:52:97:a7:8d:13:07:2c:26:56:c6:a5:49:2c:ee:32:4f:a1
Signer

.text
Size: 39KB - Virtual size: 39KB

.data
Size: 60KB - Virtual size: 60KB

mods
Size: 1014KB - Virtual size: 1014KB

.reloc
Size: 3KB - Virtual size: 3KB

�b
Size: 16KB - Virtual size: