Resubmissions

  • 24/04/2024, 20:02  240424-yskezagf29  (score 7)
  • 24/04/2024, 19:59  240424-yqd56sge77  (score 7)

General

  • Target: MEMZ Safe Payload.zip
  • Size: 21.9MB
  • Sample: 240424-yqd56sge77
  • MD5: 199c0cc60f370e8175915da74bbf0af6
  • SHA1: 7497acdcd33f85d970924574a6e0049a2f47956f
  • SHA256: 8bfa748b6af386446d27aed38a532717fed64ae11f6ea258a27782ea21ecdc60
  • SHA512: 78bbb9336a8b87a337bd00b38fbd721dba1b0f798158a15b7119e5c2f846c4aaf25289d8099b255f0e77e6b1b659b12cbb6f17abee585cf07f3a6215590a0af6
  • SSDEEP: 393216:IyHb/B8PmUlhFsGyEDB6qRNtldjfMuIGIHHO6R0JZpOyg+c:jHb/B8uUYEEqlrMvtHO/8B

Score: 7/10

Malware Config

Targets

    • Target: MEMZ Safe Payload.zip
      Size: 21.9MB
      MD5: 199c0cc60f370e8175915da74bbf0af6
      SHA1: 7497acdcd33f85d970924574a6e0049a2f47956f
      SHA256: 8bfa748b6af386446d27aed38a532717fed64ae11f6ea258a27782ea21ecdc60
      SHA512: 78bbb9336a8b87a337bd00b38fbd721dba1b0f798158a15b7119e5c2f846c4aaf25289d8099b255f0e77e6b1b659b12cbb6f17abee585cf07f3a6215590a0af6
      SSDEEP: 393216:IyHb/B8PmUlhFsGyEDB6qRNtldjfMuIGIHHO6R0JZpOyg+c:jHb/B8uUYEEqlrMvtHO/8B
      Score: 7/10
        • Loads dropped DLL

    • Target: MEMZ Safe Payload/bwhell.py
      Size: 315B
      MD5: 3ca0aeb7ffe23c01acb92d5137920120
      SHA1: 6b8f19a0d7e17f6a989c71cbbe7e94ffa6bb3583
      SHA256: 45328d0837fa8a5154178055f8438d7bf46c80da4dea7f52d143560c62861125
      SHA512: 59ca24d5e155c440a1cc7d4d2f94fd41e6732efb6331a5432b34c2b60cedb18228d827c2dc42e5157b79c7803970d0628d2b456556ea2ec3a00dfcecc58635b6
      Score: 3/10

    • Target: MEMZ Safe Payload/errors.py
      Size: 486B
      MD5: 5af6bbe8c6cee10d3c415f5bb4427e4f
      SHA1: 036540208ddb37e609f823205a8c4075bfcd5a6e
      SHA256: 3cc995359f4ee362bf3779481cf158884185518cdd223a0bbc508a56703383bf
      SHA512: 949352947fd07dc3a9b3c5f2b02985b6d85125fda414f90742c2c39cf5bf1594891bac3cf71018e03f02d242a7a8f1fbf17579c938a64f3a6f125ce780c15371
      Score: 3/10

    • Target: MEMZ Safe Payload/invert.py
      Size: 240B
      MD5: 91204dcdb66d2ada1068cfa2511d2fea
      SHA1: cbc145b07786420d5af97b701ecc4970d3aed699
      SHA256: bb38f28f1ff88c4ca9ef8bdf90d4205fce45c24ee5fc2d39edfbc6c8de7caa4a
      SHA512: 4c20333237bb3a840da4a2fcba5f05c21de946b80005a5122b23403d3f48fc2bdc7fc283477cc6b259994fab5c53b314d33d2a5f9fb80727fa13c1315b362d69
      Score: 3/10

    • Target: MEMZ Safe Payload/output/theZoo.exe
      Size: 17.1MB
      MD5: d989c6e679274a386933bbf3ba734607
      SHA1: 5b6fc4f5f764eef26de456b744e3adb99b65ff60
      SHA256: c0b9df49a0ff6d0441c76cf6c766660a85224eb9940afed6e36111dda013a542
      SHA512: 1365ae35e935ff11425344931f768537a0eebef22a58fbd75e6b9e469353aa973b0166cadb7cb1c6c8bc9d4f3e41a1030c2827f4c4ab421857b27836a78db6b8
      SSDEEP: 393216:aQaPDdIE92T0InEroXzR0PDdrETgM114S2cl9tZch:aQaPJj927ErUzR0PJrE3scvt
      Score: 7/10
        • Loads dropped DLL

    • Target: MEMZ Safe Payload/panscreen.py
      Size: 533B
      MD5: 8a45d41aae52a3284d94c7b18e19749e
      SHA1: ff697117bef8f420bb7492c739de48e2afdb2cfb
      SHA256: 2a02164693aaf59b1e89ebd8ca7533a4b58c327f7a48b0b5478d278d337eac87
      SHA512: a38147f6a9823435776576b7c88760b7b1cecd361c715a5ef1d48587a78b9cc454d7cebffccad4ef683ded6006ccefdf1578239dd76aa78165ed777f2769836f
      Score: 3/10

    • Target: MEMZ Safe Payload/rainbowhell.py
      Size: 665B
      MD5: 87c95995e994681c6e9ec1915fc89481
      SHA1: a0b9624d8cfe580b7957e5941a4a771037b9adf9
      SHA256: dd2bdd2cc2891364eb58b36bc2e6b2f7b00d5ea2e732da31e3eeb8db569b42cb
      SHA512: b59a4d3a0f8277b6760132fa02e14c58555b19dd500370bb8a9a2679299d7718a83424d06ef06b22f93b12cb4fb2f7c2bf6f1c92a2fb0e74216a07cb0d3f7aa1
      Score: 3/10

    • Target: MEMZ Safe Payload/soundfile.wav
      Size: 6.2MB
      MD5: efc6e6214dd1c293dd4ff181013852a4
      SHA1: 11e608f87bde0bc8abf8e070966145ba80d025b9
      SHA256: 78f096f8aad74defda542e40ccd235753b141ce3828d56459d07af8b8b2211c9
      SHA512: 059d4d26643fcc23fe74d42168be837645fd9cfd1f4bc7438774b51059ef63f9710fae5dd10a88f7b7d3c3c184c77224d39cba9d8ce8896a9a20215dfe384e65
      SSDEEP: 98304:C4JsOIwCRs/fcFCqBZi9hAmsBhfOiWiEX2H/8QWbV0lAVk5loqbIb2T:C4KOIzRsyCEYTqWiWrQ/Ak5loqbIb2T
      Score: 6/10
        • Enumerates connected drives
          Attempts to read the root path of hard drives other than the default C: drive.

    • Target: MEMZ Safe Payload/theZoo.py
      Size: 2KB
      MD5: f9ebdc47acd7d97298f6034d762826f7
      SHA1: 87b424968c6bb0f6412e513632bf582edf63e753
      SHA256: 5db7ce70619a096da0d19e5046d1021fd58f199219e470880064a44004b338ad
      SHA512: eb6715ed8a4bb7b77d6756dd9307c8cdc9afc09d8ea709a5dcfc205e9196b3973f351ec7426d59c896afb75e1a0c98a691dac34436c229fb4a9e671c2a9bad69
      Score: 3/10

    • Target: MEMZ Safe Payload/theZooHellEdition.py
      Size: 3KB
      MD5: d02d4d4de32355153a6e9681fc45d216
      SHA1: aad3c88ba1caa201f909358f48a304888262b21a
      SHA256: 5d234bd7ba8b2f09efaf7f29f5225f18380d72f68c29b8e0d8c2c8d284f7445f
      SHA512: 2a93503a6a66647838cb5ebdcd0d843ee7a3c2f2585b70b70bd97c24574a6651c4a48e59dddeebef9245cc85c7f7150838c20e414d9dbc11ed4d2a8d6888297d
      Score: 3/10

    • Target: MEMZ Safe Payload/void.py
      Size: 531B
      MD5: ba10c8aede3d206681b057a03b124e77
      SHA1: 7672f5c7e169055292a26a49ca1ba9d1a9e20399
      SHA256: c81cdb9991d29d9f40f1780a5f148b1f825b31c3324bdd577865c8132b7c2cdc
      SHA512: 9f08cbea82dd6abb2417bfbe8d26325f3ce9b73e51e7ec6a60c257e7b86213d04582664e4c472d755f0099c1dab4cd0309f3f24e135f668843ad6fc847c8bb00
      Score: 3/10

    • Target: MEMZ Safe Payload/waves.py
      Size: 636B
      MD5: cccc208da242962349a63649ecb92fbb
      SHA1: 2876c768a233f76a93dc3e2a5ec4a04916775fa8
      SHA256: 4f4c9e61e50ac66765c7b467b69bda214a6bea96b298a881ba2c5752004c8b7e
      SHA512: a2f3c46b2c77355a8465050dede9205ab5539bf6f051e75c6b7bffc383fbc44a010a44796bfa709265980706c562d63e47e5b956ae9a98c9ece23d2f78670cd1
      Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks