3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff | Triage

Submit
Reports

Overview

overview

7

Static

static

3

MEMZ.exe

windows7-x64

6

MEMZ.exe

windows10-2004-x64

7

Resubmissions

05/05/2023, 12:47 UTC

230505-pz63waaf24 7

04/05/2023, 21:52 UTC

230504-1q4f6sfd43 8

04/05/2023, 20:56 UTC

230504-zrfwtsha3v 7

04/05/2023, 20:51 UTC

230504-znmvzagh9t 7

Sharing

General

Target

MEMZ.exe
Size

16KB
Sample

230504-znmvzagh9t
MD5

1d5ad9c8d3fee874d0feb8bfac220a11
SHA1

ca6d3f7e6c784155f664a9179ca64e4034df9595
SHA256

3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff
SHA512

c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1
SSDEEP

192:M2WgyvSW8gRc6olcIEiwqZKBkDFR43xWTM3LHf26gFrcx3sNq:JWgnSmFlcIqq3agmLH+6gF23sN

Score

7^/10

bootkit persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

MEMZ.exe

Resource

win7-20230220-en

bootkit persistence

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

MEMZ.exe

Resource

win10v2004-20230220-en

bootkit persistence

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  MEMZ.exe
- Size
  
  16KB
- MD5
  
  1d5ad9c8d3fee874d0feb8bfac220a11
- SHA1
  
  ca6d3f7e6c784155f664a9179ca64e4034df9595
- SHA256
  
  3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff
- SHA512
  
  c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1
- SSDEEP
  
  192:M2WgyvSW8gRc6olcIEiwqZKBkDFR43xWTM3LHf26gFrcx3sNq:JWgnSmFlcIqq3agmLH+6gF23sN
Score

7^/10

bootkit persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.