Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    Bonzify.zip

  • Size

    5.6MB

  • Sample

    230711-3r92fsbb33

  • MD5

    e04cf784135afc111f1b95c8384d445f

  • SHA1

    2527209996b16813e5c522c87a2d59b471f8cec8

  • SHA256

    c9857c479312169913a6ccca1be3592adba6330f78c7c0cb33389af6b13b6316

  • SHA512

    0604ded20c62993d13c94f355d8a89e43ef6db32a1b92cb1c61fe3b64aa72dcf991605e15574207a2a2cf1eaa87cf2f7af2e09e0b2422ac5093978c6ac70daec

  • SSDEEP

    98304:LDiXL6X9SSekWiRyZ0HTSWtz4ImhyHcrZTU3hyI3Zx7ZUrqB0DT4lWnTDojM+X69:LfX9SS6ivu/ImhE6ZcJwqBS4WDEMQuoo

Malware Config

Targets

    • Target

      Bonzify.exe

    • Size

      6.4MB

    • MD5

      fba93d8d029e85e0cde3759b7903cee2

    • SHA1

      525b1aa549188f4565c75ab69e51f927204ca384

    • SHA256

      66f62408dfce7c4a5718d2759f1d35721ca22077398850277d16e1fca87fe764

    • SHA512

      7c1441b2e804e925eb5a03e97db620117d3ad4f6981dc020e4e7df4bfc4bd6e414fa3b0ce764481a2cef07eebb2baa87407355bfbe88fab96397d82bd441e6a2

    • SSDEEP

      196608:adAMaWetTeAkLIdx751qFTkub//73lc6u7b5VJ2Yx5xIdk3:OaWedh+Idx75QYub//73lc6u7bLMYxD

    • Modifies Installed Components in the registry

    • Possible privilege escalation attempt

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks