General
Target: MEMZ.bat
Size: 13KB
Sample: 240508-xy2qrsah5s
MD5: 63c6ec6b042bcb00d2d832c0e4f25dca
SHA1: a904a7c3fc89ff497e91384a63db3282e00d31ce
SHA256: dae968f47476ef79b122e771ccd0a2bacde2ac3535f68047239682fefa3dfe50
SHA512: 1454cd79a59f0603ae083abb7f3b1438e18c7858ab04dfc3df1a725cee72be48274c289d5c0a44ce415f4bdf8a2c316312453862381fdbf0f4af97a62234e41a
SSDEEP: 192:E7N3ODNPiwc205VjF+Ijytxd+7yxpVtLoTKihWn5hhHxGtHfzf+H/0Nz6hcbXR:E85qwc35O1+7y/LphxxGtHAhubXR
Static task: static1
Behavioral task: behavioral1, Sample: MEMZ.bat, Resource: win10-20240404-en
Behavioral task: behavioral2, Sample: MEMZ.bat, Resource: win7-20240221-en
Behavioral task: behavioral3, Sample: MEMZ.bat, Resource: win10v2004-20240426-en
Behavioral task: behavioral4, Sample: MEMZ.bat, Resource: win11-20240419-en
Malware Config
Targets
Target: MEMZ.bat
Size: 13KB
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
Drops file in System32 directory