BootkitBuilded[.]exe | Triage

Sharing

General

Target

BootkitBuilded.exe
Size

2.0MB
MD5

99b124439bde7f750accb3a558644341
SHA1

09e26808c12e4d0508a7387b6ff59a745889568e
SHA256

bc3281aba1987ec4b1d4d68e99c8b6829d4fd54477db001bf331971b72789195
SHA512

9c01de8d170de66471aa37ab47bf3817580e152e82879523771a875be114a95b33a33b35d8ab512dea4a68568a8ef635c29f34a33cffb283ed422b4e29562cdf
SSDEEP

49152:PevRj2WXGkpogEPw0GuUUKqCMnFe3FSgEEEbJ:PEZLXz70G0AIKNS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BootkitBuilded.exe

Files

BootkitBuilded.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ