hxxps://github[.]com/vvinlind/MEMZ | Triage

Submit
Reports

Overview

overview

8

Static

static

1

URLScan

urlscan

https://github.com/v...

windows10-2004-x64

8

Sharing

General

Target

https://github.com/vvinlind/MEMZ
Sample

230401-ypqgtacc89

Score

8^/10

bootkit discovery exploit persistence

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://github.com/vvinlind/MEMZ

Resource

win10v2004-20230220-en

bootkit discovery exploit persistence

windows10-2004-x64

23 signatures

1800 seconds

Malware Config

Targets

- Target
  
  https://github.com/vvinlind/MEMZ
Score

8^/10

bootkit discovery exploit persistence
- Downloads MZ/PE file
- Possible privilege escalation attempt
  exploit
- Executes dropped EXE
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Bootkit

Privilege Escalation

Defense Evasion

File Permissions Modification

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

urlscan1

behavioral1

bootkitdiscoveryexploitpersistence

© 2018-2024

Terms | Privacy