General
-
Target
MEMZ-virus
-
Size
216KB
-
Sample
240420-qjcprshe74
-
MD5
9bc1dec9d7d85c244c741184bb43fcc4
-
SHA1
caaca15b00951b9defc1c46aea4ed221792fbd9e
-
SHA256
c242bfe3e1830dd8586b05a3c1d05b0e034cc640e359df8620e3d0972a61ba3e
-
SHA512
7a17549656f563f5eff05bee1fe316119c46ab4ec4beccb56c889f20d288f57d05ca1882cb79e27b9ceff176a388ec2e08f816ef4949ad8baf5b9cd8106520d6
-
SSDEEP
6144:xDuqJgf7eVSgE29xxskm0nayRo3f90vZJT3CqbMrhryfQNRPaCieMjAkvCJv1ViE:Wf7eVSgE29xxskm0nayRo3f90vZJT3Cb
Static task
static1
Behavioral task
behavioral1
Sample
MEMZ-virus
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
MEMZ-virus
-
Score
8/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-