General
Target: Bonzify.bin.zip
Size: 5.6MB
Sample: 240415-3kvcesdc8z
MD5: c74a814bf73916f260c9ead93cbc25d8
SHA1: c30c813e2d7a8b0b07737578e526c531c4618b88
SHA256: a88067e092dbd0f7ce36eabdb7ab97d37e125962d30eb1b9ef48caa17333fd7e
SHA512: 7fd5a30bca5178953d538e38fd081c5c28920d89a7768084c4c815a036bbe6adb0d88543bce725355f2f6cbadec09c4caf45eb6c8361365503c82ea104327e82
SSDEEP: 98304:IFECoItQwcAPOy+uPo7b0beVCYwCEkH4B+aCPEojqfCu5Sb5biEfV2N2smW9uB:AWzAUuPLCpnYUPEQu5Sb5+Ef22z3B
Static task: static1
Behavioral task: behavioral1
Sample: Bonzify.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: Bonzify.bin
Size: 6.4MB
MD5: 9c352d2ce0c0bdc40c72f52ce3480577
SHA1: bd4c956186f33c92eb4469f7e5675510d0790e99
SHA256: d7e6580054525d3f21f86edfc9f30b7a75ffa829a1eb67ee3cab33f0040dba4e
SHA512: c1926d59272df0e049467f4497bcc3631bbc1aa5337e87f4af31bfdba60c9ef460e394380024ffa7e71fef8938761d48d75e9dc93dc7529d2b9c8c638dddae92
SSDEEP: 196608:/dAMaWetTeAkLIdx751qFTkub//73lc6u7b5VJ2Yx5xIdk3:naWedh+Idx75QYub//73lc6u7bLMYxD
Score: 8/10
- Modifies AppInit DLL entries
- Modifies Installed Components in the registry
- Possible privilege escalation attempt
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory