Extracted

• • Target

    Relación de factura de cobro.exe

  • Size

    4.6MB

  • MD5

    5a21405b06a11ee03c24cc79ef910c3d

  • SHA1

    388371ea56bd79813ef53152220d7c64396528ea

  • SHA256

    3c099ec7363407c9fb742beca81f97ecca93807e0f4c7fe73e019a3ccedbd220

  • SHA512

    92d722e57b39a4c126507ce4341e17ff7adae75c6e12a9753215b77b4bb0ec0347dc56c810798c358bf62376fc94238c9b8cb804a09ef12e6fcd2f65b6ca2041

  • SSDEEP

    49152:llZfI2n9IkZVqC2IWGDgLOcn4hco98WRO6LT+5OoDY8jwyL6inScmGaZGTnUkcNy:llZQinDuOcn4KF

  Score

  10^/10

  bandookrattrojanupx

  • Bandook RAT

    Bandook is a remote access tool written in C++ and shipped with a loader written in Delphi.

    rattrojanbandook

  • Bandook payload

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2