a1062c3c-45c5-4c75-bbd2-d744c8e3fcb8
rhel-8.3-20200730-shimia32.efi
Description
This was provided by Red Hat, Inc. and revoked Apr-21
This download link contains the Revoked Bootloader!
Commands
bcdedit /copy "{current}" /d "TheBoots" | {% if ($_ -match '{\S+}') { bcdedit /set $matches[0] path \windows\temp\rhel-8.3-20200730-shimia32.efi } }
Use Case | Privileges | Operating System |
---|---|---|
Persistence | 32-bit |
Detections
YARA 🏹
Expand
with header and size limitation
without header and size limitation
for renamed bootloader files
Resources
CVE
Known Vulnerable Samples
Property | Value |
---|---|
Filename | rhel-8.3-20200730-shimia32.efi |
MD5 | |
SHA1 | |
SHA256 | A1DD22421CC934E050572520A026985AE8C5FC5AD73816510713F1E1D4DFF575 |
Authentihash MD5 | |
Authentihash SHA1 | |
Authentihash SHA256 | 01E2DA8EC5A6929DDBBBEB2E9807586FACDDCA6A7EF62BFEBB581BDC2D7274D6 |
Imports
Expand
Imports
Expand
ImportedFunctions
Expand
ExportedFunctions
Expand
Signature
Expand
last_updated: 2023-08-31