Resubmissions

07/09/2024, 02:34

240907-c2qgpa1dmd 8

General

  • Target: MEMZ-virus

  • Size: 249KB

  • Sample: 240907-c2qgpa1dmd

  • MD5: 2b364eb4aa6024c6b68b4401fcf075cd

  • SHA1: 8e8aa54ac2c213df7eba142b1105fdc8060c983f

  • SHA256: d57d14249cc97c8de6b12ec3ab5f132778967f206c763368c6c5f03cd4d5ea27

  • SHA512: 6f4b47ded248cdf84a59459dae9131952ef3da0b3f63a73688374f5994e5291a6b90968b1b44455051dc2f1c942476ccd1807a53a12ed23804af4ad69d34ddc6

  • SSDEEP: 6144:/xoQk3uokeOvHS1d1+CNs8wbiWQk9BvZJT3CqbMrhryf65NRPaCieMjAkvCJv1VD:poQk3uokeOvHS1d1+CNs8wbiWQk9BvZc

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks