5a47c296c6c7678d6e1caf53350581a5b9973241a5f95efe32ece8309ae6a7ba | Triage

Submit
Reports

Overview

overview

7

Static

static

1

MEMZ 3.0/MEMZ.bat

windows7-x64

7

Sharing

General

Target

MEMZ 3.0 (1).zip
Size

8KB
Sample

230331-2pmygaea87
MD5

4852bc43e4d1610360c5345cb118bd8a
SHA1

c06debc49d9c8f7958f6520accec1e08b4d7b3e5
SHA256

5a47c296c6c7678d6e1caf53350581a5b9973241a5f95efe32ece8309ae6a7ba
SHA512

9c94eb50994a81e21a46ac5845ee11a94a7907222796e6b4b0e14ecad94ad5f09798962acbd20c31091184a15db3f203bf8556e3d735fedb1e09f4b2eb07e7cc
SSDEEP

192:LPWLLRuTHA8/JJl5KYo9eqAWgxbWpPuTbC:+gTgSLZ5WpPu3C

Score

7^/10

bootkit persistence

Static task

static1

Behavioral task

behavioral1

Sample

MEMZ 3.0/MEMZ.bat

Resource

win7-20230220-en

bootkit persistence

windows7-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  MEMZ 3.0/MEMZ.bat
- Size
  
  12KB
- MD5
  
  13a43c26bb98449fd82d2a552877013a
- SHA1
  
  71eb7dc393ac1f204488e11f5c1eef56f1e746af
- SHA256
  
  5f52365accb76d679b2b3946870439a62eb8936b9a0595f0fb0198138106b513
- SHA512
  
  602518b238d80010fa88c2c88699f70645513963ef4f148a0345675738cf9b0c23b9aeb899d9f7830cc1e5c7e9c7147b2dc4a9222770b4a052ee0c879062cd5a
- SSDEEP
  
  384:nnLhRNiqt0kCH2LR0GPXxGiZgCz+KG/yKhLdW79HOli+lz3:nLhRN9t0SR4iZtzlREBWhuF
Score

7^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

© 2018-2024

Terms | Privacy