hxxps://github[.]com/Viper4K/malware/blob/master/MEMZ/MEMZ[.]exe | Triage

Submit
Reports

Overview

overview

8

Static

static

1

URLScan

urlscan

https://github.com/V...

windows10-2004-x64

Sharing

General

Target

https://github.com/Viper4K/malware/blob/master/MEMZ/MEMZ.exe
Sample

240523-h3jy7ahc2t

Score

8^/10

evasion persistence ransomware

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://github.com/Viper4K/malware/blob/master/MEMZ/MEMZ.exe

Resource

win10v2004-20240426-en

evasion persistence ransomware

windows10-2004-x64

19 signatures

1800 seconds

Malware Config

Targets

- Target
  
  https://github.com/Viper4K/malware/blob/master/MEMZ/MEMZ.exe
Score

8^/10

evasion persistence ransomware
- Disables Task Manager via registry modification
  evasion
- Downloads MZ/PE file
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
- Modifies WinLogon
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Defacement

Resource Development

Reconnaissance

Tasks

static1

urlscan1

behavioral1

evasionpersistenceransomware

© 2018-2024

Terms | Privacy