EFI_Files[.]rar

General

Target

EFI_Files.rar
Size

354KB
MD5

6d74f8cbb5486979a5e7e12c4052be9f
SHA1

428d3b8e0ebef6c6fae576eecb9a7809aab9ac3e
SHA256

a6ada8193b76ad0067fa8226697e4adf5296ce1ed2a595356d4cb31593d799c2
SHA512

e7a33187dd334eef190963c078a824b63aa1e486693db65a71e8aeb0fdbadcdb451734a06f555e7932d10716308f658de3cf0caf528c1dced572c7c8be84ab4f
SSDEEP

6144:icejD/IPnOldrXE1Qcd7CZ8pHara+BBeRu3y0NZy395j6lTOAFaWZEAZdHk:uX/IPj1Qu7CmpHy2EPZKjuyFsdHk

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/EFI_FILES_2/EFI/Boot/bootx64.efi
unpack001/EFI_FILES_2/perm.efi

Files

EFI_Files.rar
.rar
EFI_FILES_2/EFI/Boot/bootx64.efi
.dll windows:0 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.xdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EFI_FILES_2/perm.efi
.dll windows:0 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EFI_FILES_2/startup.nsh

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 396KB - Virtual size: 396KB

.data Size: 498KB - Virtual size: 498KB

Size: 10KB - Virtual size: 10KB

.xdata Size: 6KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 261KB - Virtual size: 261KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 74KB - Virtual size: 1.1MB

.pdata Size: 9KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 152B

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 396KB - Virtual size: 396KB

.data
Size: 498KB - Virtual size: 498KB

.xdata
Size: 6KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 261KB - Virtual size: 261KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 74KB - Virtual size: 1.1MB

.pdata
Size: 9KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 152B

.reloc
Size: 6KB - Virtual size: 6KB