General
Target: VineMEMZ-Original.exe
Size: 39.6MB
Sample: 210711-lrmrfq7pge
MD5: 7640b072f643d0f684d0041a99dd5492
SHA1: 4aa96bde37606abab714ae7b7e6e8dc52a5454b3
SHA256: 8b52641761b0f144b26ca3b27f20d9ffffed1270d2c90b9ee5dfc60c7794e502
SHA512: 2988e784e4cb9151709e3f6afe1c33a28f89a55d4f7d7d3e9f7002a466648e6961f9bc1346250becc30f2c363fe5bdce2d109cc7cd7ec3c709a171a7b9865e8b
Static task: static1
Behavioral task: behavioral1
Sample: VineMEMZ-Original.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: VineMEMZ-Original.exe
Resource: win10v20210408
Malware Config
Targets
Score: 8/10

Executes dropped EXE

Sets file execution options in registry

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Sets desktop wallpaper using registry