General
-
Target
MEMZ.COM
-
Size
98KB
-
Sample
230401-h6fe6sgf57
-
MD5
ef041b874734d13e9ff00cc5a017ae41
-
SHA1
0566bd89305fd7a3560dd94b9247ae7ae5b53c73
-
SHA256
117696f086cb219921a55fb78681136eeccbdd60907eb10042e09744d3bc7e57
-
SHA512
79306aece8acc9ca6c89830c40493e10c7b0e226fba3ec1ae7dfc4530ef39d761504eda6363ba3699e0399d245232e024f25328e83ce90b88faecc371b4c92e7
-
SSDEEP
1536:bCqHXYzu7PtB3Gzc0UOtLuNbAHC3Dgtx3SqjhA/kz1mxBGdV2NVQv:DXYzu7PtB3h0UjbUC3DgtxCqjaK19
Malware Config
Targets
-
-
Target
MEMZ.COM
-
Size
98KB
-
MD5
ef041b874734d13e9ff00cc5a017ae41
-
SHA1
0566bd89305fd7a3560dd94b9247ae7ae5b53c73
-
SHA256
117696f086cb219921a55fb78681136eeccbdd60907eb10042e09744d3bc7e57
-
SHA512
79306aece8acc9ca6c89830c40493e10c7b0e226fba3ec1ae7dfc4530ef39d761504eda6363ba3699e0399d245232e024f25328e83ce90b88faecc371b4c92e7
-
SSDEEP
1536:bCqHXYzu7PtB3Gzc0UOtLuNbAHC3Dgtx3SqjhA/kz1mxBGdV2NVQv:DXYzu7PtB3h0UjbUC3DgtxCqjaK19
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-