60a8e0be576a87b775fa74a9ba99473727bf7b01d23c0f3ee213a08b747600c4 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

Bonzify.exe

windows11-21h2-x64

8

Resubmissions

Sharing

General

Target

Bonzify.exe
Size

6.4MB
Sample

240414-vmncwsdb6y
MD5

12fda5fe2008fcd7693262a8aa08d805
SHA1

1e3ee41e5bb6dd8b5c543e5d131bfa77be8edf86
SHA256

60a8e0be576a87b775fa74a9ba99473727bf7b01d23c0f3ee213a08b747600c4
SHA512

ee884cef396e15ad12f302931e532abfd830381cb7d5717bf4ee90f60b9f398e53967c7dc4dede8ac4b1756f32b0e3a71def6e4c86638a7bf8efa4f8b4da48c1
SSDEEP

196608:bdAMaWetTeAkLIdx751qFTkub//73lc6u7b5VJ2Yx5xIdk3:7aWedh+Idx75QYub//73lc6u7bLMYxD

Score

8^/10

discovery exploit persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Bonzify.exe

Resource

win11-20240412-en

discovery exploit persistence

windows11-21h2-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  Bonzify.exe
- Size
  
  6.4MB
- MD5
  
  12fda5fe2008fcd7693262a8aa08d805
- SHA1
  
  1e3ee41e5bb6dd8b5c543e5d131bfa77be8edf86
- SHA256
  
  60a8e0be576a87b775fa74a9ba99473727bf7b01d23c0f3ee213a08b747600c4
- SHA512
  
  ee884cef396e15ad12f302931e532abfd830381cb7d5717bf4ee90f60b9f398e53967c7dc4dede8ac4b1756f32b0e3a71def6e4c86638a7bf8efa4f8b4da48c1
- SSDEEP
  
  196608:bdAMaWetTeAkLIdx751qFTkub//73lc6u7b5VJ2Yx5xIdk3:7aWedh+Idx75QYub//73lc6u7bLMYxD
Score

8^/10

discovery exploit persistence
- Modifies Installed Components in the registry
  persistence
- Possible privilege escalation attempt
  exploit
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

File and Directory Permissions Modification

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryexploitpersistence

© 2018-2024

Terms | Privacy