General
-
Target
memz-master.zip
-
Size
17KB
-
Sample
230331-zr9txaeg3t
-
MD5
4790677e05d72ef7429dddf35562bf4a
-
SHA1
4243d6ea53db7e8cc0c355e70d6cffb54787b90b
-
SHA256
319bf6087040d17b87f46cd05f5ee064c291ba9ca46e1910f28d1f4c57cb3d96
-
SHA512
a93c5f691938bc1bdd9ef20b975f0b22cf494543e7df82ec31838bf811552ead5cd855959be4e47186ee7de944be005030f52f58b9dc85e7cde719cb97b794e3
-
SSDEEP
384:svCxvUI97GtSIiO0mw3pxspoCWdZs7n52mbFimtuckPXEKyuGSXCfAKrLwWtc:svZIZiAOnw3pcoYnFXoXEKyuZSAoLwWq
Malware Config
Targets
-
-
Target
MEMZ-master/MEMZ-Destructive.exe
-
Size
14KB
-
MD5
19dbec50735b5f2a72d4199c4e184960
-
SHA1
6fed7732f7cb6f59743795b2ab154a3676f4c822
-
SHA256
a3d5715a81f2fbeb5f76c88c9c21eeee87142909716472f911ff6950c790c24d
-
SHA512
aa8a6bbb1ec516d5d5acf8be6863a4c6c5d754cee12b3d374c3a6acb393376806edc422f0ffb661c210e5b9485da88521e4a0956a4b7b08a5467cfaacd90591d
-
SSDEEP
192:sIvxdXSQeWSg9JJS/lcIEiwqZKBkDFR43xWTM3LHn8f26gyr6yfFCj3r:sMVSaSEglcIqq3agmLc+6gyWqFCj
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-