bootx64[.]efi | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bootx64.efi
Size

4.0MB
MD5

a57595c60a3d3baab9b295c0ce2852bf
SHA1

e33b8dbc4eb0f6d33ba83672a51ff664e6b3af11
SHA256

3a4728ef35b0cd6005ffd0ee2fe4509f5234ed1873cfa273148ccbbf834f868e
SHA512

7093da30da07541d643e763859b24be870c01b67aa094c7282db34eb9870f4857f888a919f0685176e28b96d8e38bcb1ce027ee79ece110a37d65500e7efc63d
SSDEEP

49152:OgehMrvsd42N4vJIGQxBJMS6hRlAIfKrJnnEKqnIiq3/m1mq4s0:pcR1Eki0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bootx64.efi

Files

bootx64.efi
.dll windows:10 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

EbJgmHfB
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UsYh_hco
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_xdXnQCz
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

k^KHDbuO
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE