Overview

overview

10

Static

static

3

BUG32.exe

windows7-x64

BUG32.exe

windows10-2004-x64

Windows/Bonzify.exe

windows7-x64

8

Windows/Bonzify.exe

windows10-2004-x64

8

BossDaMajor.exe

windows7-x64

BossDaMajor.exe

windows10-2004-x64

FakeGoldenEye.exe

windows7-x64

6

FakeGoldenEye.exe

windows10-2004-x64

6

PCToaster.exe

windows7-x64

1

PCToaster.exe

windows10-2004-x64

7

Bolbi.vbs

windows7-x64

10

Bolbi.vbs

windows10-2004-x64

10

Resubmissions

16-03-2024 17:14

240316-vsg33ahc39 7

16-03-2024 17:12

240316-vqyb9shb94 10

16-03-2024 15:47

240316-s8g2wsea5y 10

Analysis

  • max time kernel
    0s
  • max time network
    4s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    16-03-2024 15:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FakeGoldenEye.exe

  • Size

    76KB

  • MD5

    26758407117c78422332c443ca7ed21d

  • SHA1

    9ab022e854166f4ec567d2ed4cf15880c13b3d95

  • SHA256

    2900dcc4246afc601ada049b127c4344fa917acf1689a6a4748ee72f93f503ed

  • SHA512

    ddbc118d3124508e4a9493b0d55eced154ae41c641f852f49b7f2b72fb9770d5af7ccf913b65e87bd9d66a4e0064d47bebd62e38cc03953c30d48ece13d501ee

  • SSDEEP

    1536:5GIHamLYZy4hk7CR8yrO1gStZ6PjydhiAphYjy:rRfi88OOKZSjioJjy

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FakeGoldenEye.exe
    "C:\Users\Admin\AppData\Local\Temp\FakeGoldenEye.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    • Suspicious use of AdjustPrivilegeToken
    PID:1972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1972-0-0x0000000010000000-0x0000000010007000-memory.dmp

    Filesize

    28KB

    Download