Overview

overview

7

Static

static

3

BonziKillSetup.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    BonziKillSetup.exe

  • Size

    63.7MB

  • Sample

    230524-t32d1sde64

  • MD5

    60bc5bd6dcdd3870112931bd74224278

  • SHA1

    8206009ade71fba8f742486b48c5d3b5a849d1ed

  • SHA256

    c5d6b13e3dc95042f8811f8a2cca7adcd10b5549db500ae05ad4a6435372281e

  • SHA512

    5e9b208c5775ae227cbe4c089de2564eafad114cb0327d3d3b7b4cd9a4de381886553a56a28a1a3258bc0a2593fae471c627ed5f31e62af725cd0c2c0da0fa07

  • SSDEEP

    1572864:KJszYOgrpz7ORqBsNb8rdrC8WB/Vn5qI8n8O6SDaY1maL3:bgrp3OMBsRA3qV8n8O6t2h7

Score
7/10
discoveryupx

Malware Config

Targets

    • Target

      BonziKillSetup.exe

    • Size

      63.7MB

    • MD5

      60bc5bd6dcdd3870112931bd74224278

    • SHA1

      8206009ade71fba8f742486b48c5d3b5a849d1ed

    • SHA256

      c5d6b13e3dc95042f8811f8a2cca7adcd10b5549db500ae05ad4a6435372281e

    • SHA512

      5e9b208c5775ae227cbe4c089de2564eafad114cb0327d3d3b7b4cd9a4de381886553a56a28a1a3258bc0a2593fae471c627ed5f31e62af725cd0c2c0da0fa07

    • SSDEEP

      1572864:KJszYOgrpz7ORqBsNb8rdrC8WB/Vn5qI8n8O6SDaY1maL3:bgrp3OMBsRA3qV8n8O6t2h7

    Score
    7/10
    discoveryupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks