General
Target: memz.bat
Size: 13KB
Sample: 230406-kedtdacc37
MD5: 44fbd58c401a7786da2e8b6a6291379e
SHA1: 9dbfd08fa557d9dce79911eb4bbddb2008d4f53f
SHA256: d8b47727ea05305ad396977b336c3bfc86ae122cdde01976fa9b0c3a7c2d3f24
SHA512: c369f749ba3ef4e463524b3483c4250311c2a19414a49dc86c052cac9c9d0a3b05dbdbf71b854ccf6f46abc46e439f9264c7672e22a0c3004b7d679e26a56de3
SSDEEP: 192:vOyUySl0UaDz2gWsIzlmj+BxZ3yqueWQx0lZicyC8Sh31xcjBzyxwn7AVhllz3:vVODaDSHMql3yqlxy5L1xcjwrlz3
Static task: static1
Behavioral task: behavioral1
Sample: memz.bat
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: memz.bat
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.