General
-
Target
IMGN_LISTP_011020221.rar
-
Size
2.0MB
-
Sample
221003-zvzs4sfdb8
-
MD5
e02ee9b8ab85f6793820837283727528
-
SHA1
0225e77c996618b7430b215d0fb76bf034f1dfc6
-
SHA256
f7ae58131380e4ad06855118232495f0cf94512d2c77fdea43439f6166ce9d15
-
SHA512
078197404e0bd8fc6e40023e6ffae61431e7fdfa813691b8e0001e04a35aa0f807f15a31d0e074c3214770d5c11273d5936ff58ec92967ae68c589e92d4ec75f
-
SSDEEP
49152:sYYGPkPrbabHa2ZbQiZGQE/uq7umq3pfKzJhjHJVQ+5thn7:jYGPOn2ZPXE/uq7umQG3JVN5Pn7
Malware Config
Targets
-
-
Target
LISTA DE PRECIOS.exe
-
Size
3.2MB
-
MD5
cf32d6086b1b371e37c72ab4d1bf3718
-
SHA1
159d9cc099e39cf1c6f78800f958cd6c9b6fd6ff
-
SHA256
809ac4767f634473d3a7fde8f76034a1d8ab30c0314dbf84782000247a15e636
-
SHA512
d49db48a9efbef6be586a91645d5743ec5a14564f1967ae0ea8469a243174f0f26fc7806b3725cc7bb42d6d4b916af09ab51bcc08967574eede72fab6ae6bc67
-
SSDEEP
49152:x+Laj3YA47J/EYIIMdsrDoiQzsf2JKoE+phed4nMRyn:ALAYAJ
Score10/10-
Bandook RAT
Bandook is a remote access tool written in C++ and shipped with a loader written in Delphi.
-
Bandook payload
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-