bandook | 01e8536751080ea135c3ad7ae9187d06cdcccddfc89bc0d41ea4281eeb3e9fb4 | Triage

Submit
Reports

Overview

overview

Static

static

1

Solicitud ...́.exe

windows7-x64

Solicitud ...́.exe

windows10-2004-x64

Sharing

General

Target

Solicitud de comprá.exe
Size

4.6MB
Sample

230430-ka8g7ahb46
MD5

a2ea38d11bde2a4483b86321960d6319
SHA1

5240860d0db91bd8e13a150676a3ab1917312c59
SHA256

01e8536751080ea135c3ad7ae9187d06cdcccddfc89bc0d41ea4281eeb3e9fb4
SHA512

dcc9fb12e4375e694018c9fbaa5278c52f04aa713813dc835358fbedca3e10dc40e50f67030be18555030b5d058a002ad0fcf8d28e3a3c1615d1ee9aca14a780
SSDEEP

49152:klZfI2n9zXRNr9SvEgJAWu+5pJzznwclykqoug5FrGysQBlDQrV9a98nTnUkcNVJ:klZQiRWuwpb

Score

10^/10

bandook rat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

Solicitud de comprá.exe

Resource

win7-20230220-en

bandook rat trojan upx

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

Solicitud de comprá.exe

Resource

win10v2004-20230220-en

bandook rat trojan upx

windows10-2004-x64

5 signatures

300 seconds

Malware Config

Extracted

Family

bandook

C2

gombos.ru

Targets

- Target
  
  Solicitud de comprá.exe
- Size
  
  4.6MB
- MD5
  
  a2ea38d11bde2a4483b86321960d6319
- SHA1
  
  5240860d0db91bd8e13a150676a3ab1917312c59
- SHA256
  
  01e8536751080ea135c3ad7ae9187d06cdcccddfc89bc0d41ea4281eeb3e9fb4
- SHA512
  
  dcc9fb12e4375e694018c9fbaa5278c52f04aa713813dc835358fbedca3e10dc40e50f67030be18555030b5d058a002ad0fcf8d28e3a3c1615d1ee9aca14a780
- SSDEEP
  
  49152:klZfI2n9zXRNr9SvEgJAWu+5pJzznwclykqoug5FrGysQBlDQrV9a98nTnUkcNVJ:klZQiRWuwpb
Score

10^/10

bandook rat trojan upx
- Bandook RAT
  Bandook is a remote access tool written in C++ and shipped with a loader written in Delphi.
  rat trojan bandook
- Bandook payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bandookrattrojanupx

behavioral2

bandookrattrojanupx

© 2018-2024

Terms | Privacy