Overview

overview

7

Static

static

1

MEMZ 3.0/MEMZ.bat

windows7-x64

6

MEMZ 3.0/MEMZ.bat

windows10-2004-x64

7

MEMZ 3.0/MEMZ.exe

windows7-x64

6

MEMZ 3.0/MEMZ.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MEMZ 3.0 (1).rar

  • Size

    15KB

  • Sample

    230407-jv6cwsad8v

  • MD5

    230d7dcb83b67deff379a563abbbd536

  • SHA1

    dc032d6a626f57b542613fde876715765e0b1a42

  • SHA256

    a9cd3d966d453afd424d9ac54df414b80073bb51d249f4089185976fb316e254

  • SHA512

    7dff68e3f9be9320872ccb105b2e87f15b23807af96ca195a38a249d868468632c3d5811d9a51295ec89fe702d821c9466f93994993951d1238f07f096fb7d77

  • SSDEEP

    384:+gTgSLZ5WpPu3944wiiNIw2nbI6B/PvpITFkvbWa:+cvLZ5n9Sb9ytp6kl

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      MEMZ 3.0/MEMZ.bat

    • Size

      12KB

    • MD5

      13a43c26bb98449fd82d2a552877013a

    • SHA1

      71eb7dc393ac1f204488e11f5c1eef56f1e746af

    • SHA256

      5f52365accb76d679b2b3946870439a62eb8936b9a0595f0fb0198138106b513

    • SHA512

      602518b238d80010fa88c2c88699f70645513963ef4f148a0345675738cf9b0c23b9aeb899d9f7830cc1e5c7e9c7147b2dc4a9222770b4a052ee0c879062cd5a

    • SSDEEP

      384:nnLhRNiqt0kCH2LR0GPXxGiZgCz+KG/yKhLdW79HOli+lz3:nLhRN9t0SR4iZtzlREBWhuF

    Score
    7/10
    bootkitpersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

    • Target

      MEMZ 3.0/MEMZ.exe

    • Size

      12KB

    • MD5

      a7bcf7ea8e9f3f36ebfb85b823e39d91

    • SHA1

      761168201520c199dba68add3a607922d8d4a86e

    • SHA256

      3ff64f10603f0330fa2386ff99471ca789391ace969bd0ec1c1b8ce1b4a6db42

    • SHA512

      89923b669d31e590189fd06619bf27e47c5a47e82be6ae71fdb1b9b3b30b06fb7ca8ffed6d5c41ac410a367f2eb07589291e95a2644877d6bffd52775a5b1523

    • SSDEEP

      192:HMDLTxWDf/pl3cIEiwqZKBktLe3P+qf2jhP6B5b2yL3:H4IDH3cIqqvUWq+jhyT2yL

    Score
    7/10
    bootkitpersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral3behavioral4

MITRE ATT&CK Enterprise v6

Tasks