General
Target: 13140000.exe
Size: 10.3MB
Sample: 220519-ya7gsabbh2
MD5: 80b58f43feb6e5b04250961c86e9e891
SHA1: bcd22b9e345da4d845b61c20aa429d713a307354
SHA256: 0a4e59d0906316f0476dd5463ae6b93bb4a98211ff119f267b7320f13960bd47
SHA512: 8536f888d70638ef5ae94b8d8e7e78b5a0c92a122d9a13563a4467602283f0d17f777acc385f820c15ceca755d3ed769b17ed82df80ea84d479c3cf9e1b1dffe
Static task: static1
Behavioral task: behavioral1
Sample: 13140000.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 13140000.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
bandook
iamgood.blogdns.net
Targets
Target: 13140000.exe
Score: 10/10
Bandook payload
Adds Run key to start application