bandook | e2e984b3044ab8f96ec284dc2af339923fb6cdded37a551125c899a1c60376a3 | Triage

Submit
Reports

Overview

overview

Static

static

1

Solicitud ...́.exe

windows7-x64

Solicitud ...́.exe

windows10-2004-x64

Sharing

General

Target

Solicitud de comprá.exe
Size

4.6MB
Sample

230301-vydylagg7x
MD5

795d1f81ac926d3e071eacef70e595c1
SHA1

73301458ce9c775e6416fbe9f1921ecc4f69d099
SHA256

e2e984b3044ab8f96ec284dc2af339923fb6cdded37a551125c899a1c60376a3
SHA512

c436fd1ebc99d384c434e2b6b6494fefa7f18ccae6de755491ae03b234b6f08fcb616a5a60e89b6e80356cbf00c39ddc8e350e6bad8f23285498a906b9df5a85
SSDEEP

49152:nvPLNuoyGZVhMfUhJKehyrNru0bqMpjgK9aSN6wtiGe50oO6z7YYA698nTnUkcNW:nvPRBIsTKehy3

Score

10^/10

bandook rat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

Solicitud de comprá.exe

Resource

win7-20230220-en

bandook rat trojan upx

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

Solicitud de comprá.exe

Resource

win10v2004-20230220-en

bandook rat trojan upx

windows10-2004-x64

5 signatures

300 seconds

Malware Config

Extracted

Family

bandook

C2

gombos.ru

Targets

- Target
  
  Solicitud de comprá.exe
- Size
  
  4.6MB
- MD5
  
  795d1f81ac926d3e071eacef70e595c1
- SHA1
  
  73301458ce9c775e6416fbe9f1921ecc4f69d099
- SHA256
  
  e2e984b3044ab8f96ec284dc2af339923fb6cdded37a551125c899a1c60376a3
- SHA512
  
  c436fd1ebc99d384c434e2b6b6494fefa7f18ccae6de755491ae03b234b6f08fcb616a5a60e89b6e80356cbf00c39ddc8e350e6bad8f23285498a906b9df5a85
- SSDEEP
  
  49152:nvPLNuoyGZVhMfUhJKehyrNru0bqMpjgK9aSN6wtiGe50oO6z7YYA698nTnUkcNW:nvPRBIsTKehy3
Score

10^/10

bandook rat trojan upx
- Bandook RAT
  Bandook is a remote access tool written in C++ and shipped with a loader written in Delphi.
  rat trojan bandook
- Bandook payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bandookrattrojanupx

behavioral2

bandookrattrojanupx

© 2018-2024

Terms | Privacy