Overview

overview

8

Static

static

1

MEMZ-Destructive.7z

windows11-21h2-x64

Resubmissions

11-08-2024 08:57

240811-kwnd5ssgrq 8

11-08-2024 08:53

240811-ktthdasgml 8

11-08-2024 08:47

240811-kp4sjssflj 10

11-08-2024 08:37

240811-kjelgawfla 8

11-08-2024 08:32

240811-ke9k2sscqm 10

11-08-2024 08:29

240811-kdnl7awdrb 6

11-08-2024 08:26

240811-kbzxfawdlc 6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MEMZ-Destructive.7z

  • Size

    17KB

  • Sample

    240811-kwnd5ssgrq

  • MD5

    d91a65636b8d4b7437983e064e2580fa

  • SHA1

    2bfaf387d22b7e9c1a54c35d8ab33fa84006ece3

  • SHA256

    c547f9193b8fcb681dbb93968d54ac9912901097e1912ff7ad11c5a9ee13062c

  • SHA512

    0175a90f980354b6f9a0fb66be6672c18c03a33fb547a0a16d159f18745f59fc5f4d9dae69dfd4d3bcffbc1bd3bbc73901000931dc3c12b70dde6e4e72a92f9f

  • SSDEEP

    384:CxpNbARMGzvkdrUUAhybY4GfheFQb4M4ecf3iQ/FF87u20VoDWXeQT:Cxp6RLzMtUUVMsFQb4ycfiQ/o10XeQT

Score
8/10
bootkitdefense_evasiondiscoverypersistence

Malware Config

Targets

    • Target

      MEMZ-Destructive.7z

    • Size

      17KB

    • MD5

      d91a65636b8d4b7437983e064e2580fa

    • SHA1

      2bfaf387d22b7e9c1a54c35d8ab33fa84006ece3

    • SHA256

      c547f9193b8fcb681dbb93968d54ac9912901097e1912ff7ad11c5a9ee13062c

    • SHA512

      0175a90f980354b6f9a0fb66be6672c18c03a33fb547a0a16d159f18745f59fc5f4d9dae69dfd4d3bcffbc1bd3bbc73901000931dc3c12b70dde6e4e72a92f9f

    • SSDEEP

      384:CxpNbARMGzvkdrUUAhybY4GfheFQb4M4ecf3iQ/FF87u20VoDWXeQT:Cxp6RLzMtUUVMsFQb4ycfiQ/o10XeQT

    Score
    8/10
    bootkitdefense_evasiondiscoverypersistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks