download | Triage

Sharing

Copy URL Twitter E-mail

General

Target

download
Size

186.6MB
MD5

b4f77efd710a3b291c1097c0e09e363f
SHA1

e16cc55f3817934b5d1b42004c862084e99f3655
SHA256

6b0dfc9408be2826903dec8fdf4c47f04ac50202f50a70f0bbc19eb37a737737
SHA512

dcd593dc59ad6dc8b6e1a1266bb6dd2b17ddb282347e94f22c287df2f69e3e530b4c08c0207dfa4262db489f2932f843a6a953ef5573d0db7f26287371742f52
SSDEEP

3145728:f5KiIlj0kvTciZ4VkRp2+bA4VLL1wH1gF9ItpYdFlQL+daq3F4lOxoEXvHh53W9i:fQPrvbZ4VkRTA4hL1wVgF6tpEMSF6Ox7

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/EFI/boot/bootx64.efi
unpack002/EFI/boot/vmlinuz

Files

download
.iso
out.iso
.iso
EFI/VentoyLiveCD
EFI/boot/boot.cat
EFI/boot/bootx64.efi
.exe windows:0 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mods
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EFI/boot/cdrom.img
EFI/boot/efi.img
EFI/boot/grub.cfg
EFI/boot/initrd
EFI/boot/vmlinuz
.exe windows:6 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

Size: 10.7MB - Virtual size:

IMAGE_SCN_CNT_CODE

��
Size: 58.5MB - Virtual size:

Size: - Virtual size:

Size: - Virtual size:
[BOOT]/1-Boot-NoEmul.img
[BOOT]/2-Boot-NoEmul.img