General
Target: MEMZ-virus
Size: 224KB
Sample: 240608-t2hwaadc9w
MD5: 09d169ea51596cb548ebc678ae8c96ce
SHA1: 1207616748d92bcbc7cf0787fceebd45dd91326f
SHA256: fc477b57871d54b9b9d9dde032ed95710374aa06e05668e19cfce47687aafea1
SHA512: c8daf5e8020efe67fbc4ea355fc63e8ed4a30094180c9a36a8373427ff980c6c07cef772118d05a1f5b9d0c0dc452a5cb12ed1da0f3c5d42a3254f1f8539c106
SSDEEP: 6144:aHo5e2n9dH5M2vkm0aWyRv3pId9RJ9ovZJT3CqbMrhryfQNRPaCieMjAkvCJv1Vp:Ao5e2n9dH5M2vkm0aWyRv3pId9RJ9ovQ
Static task: static1
Behavioral task: behavioral1
Sample: MEMZ-virus
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: MEMZ-virus
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: MEMZ-virus
Score: 10/10
Suspicious use of NtCreateProcessExOtherParentProcess
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.