MEMZ is a trojan horse created for Microsoft Windows.[1][2][3][4][5] The name of the malware refers to its purpose as a humorous Trojan intended to replicate the effects of early computer viruses.

MEMZ
A computer infected with the MEMZ Trojan. Depicted is one of the malware's key payloads, a "screen tunneling" effect.
TypeTrojan horse
AuthorsLeurak
Technical details
PlatformWindows XP

Windows Vista Windows 7 Windows 8 Windows 10 Windows 11

Linux (via WineHQ)

macOS (via WineHQ)

Origin

edit

MEMZ was originally created by Leurak for YouTuber danooct1's Viewer-Made Malware series.[4] It was later featured by Joel Johansson, alias Vargskelethor, a member of the livestreaming group Vinesauce on his series Windows Destruction. Here, he demonstrated the trojan in action against a Windows 10 virtual machine[6] after being provided with a copy by danooct1.

Payloads

edit

The trojan gained notoriety for its unique and complex payloads, which automatically activate after each other, some with delay. Examples of payloads include displaying a Windows Notepad file that reads:

YOUR COMPUTER HAS BEEN FUCKED BY THE MEMZ TROJAN.

Your computer won't boot up again, so use it as long as you can! :D

Trying to kill MEMZ will cause your system to be destroyed instantly, so don't try it :D

Others include randomly moving the cursor slightly; opening up satirical Google searches under Google.co.ck, such as "how to remove a virus" and "how to get money" on the user's web browser; reversing text; and opening various random Microsoft Windows programs, such as the calculator or command prompt. True to the program's name, many parts of the trojan are based on Internet memes; for example, the trojan overwrites the boot sector with an animation of Nyan Cat.[1][2][3][4][5] Leurak also created a safer version of MEMZ called MEMZ-Clean. The clean version allows the non-destructive payloads to be safely tested and gives the user full control about which payloads are active.[7]

VineMEMZ Variation

edit

A variant of MEMZ, dubbed "VineMEMZ", was coded by Leurak as a gift to Johansson after the livestream featuring the original MEMZ gained significant traction. This version of MEMZ is similar to the original, but features many references to Vinesauce, especially Johansson's other game streams, such as the bootleg game 7 Grand Dad and the adware program BonziBuddy. This variant has also been released to the public.[8]

VineMEMZ running on Windows 11. Depicted is one of its payloads, the christmas light effect, where it changes the screen color. For this image, it is set to pink. Half of the payloads have executed at this point.

References

edit
  1. ^ a b White, Daniel (July 8, 2016). "Viewer-Made Malware 8 - MEMZ (Win32) (flashing lights warning)". YouTube. Retrieved December 21, 2018.
  2. ^ a b Dean, Madeleine (August 26, 2016). "MEMZ virus: what is it and how it affects Windows PC?". Windows Report. Archived from the original on 2018-07-05. Retrieved December 21, 2018.
  3. ^ a b Oberhaus, Daniel (July 9, 2016). "Watch This Malware Turn a Computer into a Digital Hellscape". Motherboard. Retrieved December 21, 2018.
  4. ^ a b c Maiberg, Emaneul (July 30, 2016). "Preserving the Ancient Art of Getting Pwned". Motherboard. Retrieved December 21, 2018.
  5. ^ a b Kushman. "Hãy xem cách Malware biến máy tính của bạn thành một địa ngục số kinh hoàng như thế nào". GenK (in Vietnamese). Retrieved December 21, 2018.
  6. ^ Leurak (2016-07-24), [Vinesauce] Joel tries out the MEMZ Trojan (with chat), retrieved 2019-06-26
  7. ^ "MEMZ 4.0 - The clean version (including download)". KC Protrade Services Inc. 2017-06-01. Retrieved 2021-04-14.
  8. ^ danooct1. "VineMEMZ (Win32)". YouTube. Retrieved 8 December 2019.{{cite web}}: CS1 maint: numeric names: authors list (link)