5ef3c1b89a4c2a79c6d24faebd695b1cc0d26876bc79bf075ef69315bb740e06 | Triage

Sharing

General

Target

5ef3c1b89a4c2a79c6d24faebd695b1cc0d26876bc79bf075ef69315bb740e06
Size

1.7MB
MD5

e69bc9708f8c14f3f5dfab35bfb9dbf7
SHA1

aeb629f4ebb549c45433c216c400abc91321b60b
SHA256

5ef3c1b89a4c2a79c6d24faebd695b1cc0d26876bc79bf075ef69315bb740e06
SHA512

eb60779a2b6ea4b1cb1a4c5e4ddc32eb488036c93cdbbb22e09115338f0c2929f3be80700be3f3eb8abca8b5f9b0671d06cd1237faa2d62178739c82d9bfd0b2
SSDEEP

6144:XmfAXkTibUcmTQo1GLvCJpazpEWwrbzM0KI6dh:XmmkTuUc9oALvOaFdQzM0KJh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/uefidump.bin

Files

5ef3c1b89a4c2a79c6d24faebd695b1cc0d26876bc79bf075ef69315bb740e06
.tar
uefidump.bin
.dll windows:0 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 1024B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ