bandook | 3c099ec7363407c9fb742beca81f97ecca93807e0f4c7fe73e019a3ccedbd220 | Triage

Submit
Reports

Overview

overview

Static

static

1

Relación...ro.exe

windows7-x64

Relación...ro.exe

windows10-2004-x64

Sharing

General

Target

Relación de factura de cobro.exe
Size

4.6MB
Sample

230430-kakq5ahb34
MD5

5a21405b06a11ee03c24cc79ef910c3d
SHA1

388371ea56bd79813ef53152220d7c64396528ea
SHA256

3c099ec7363407c9fb742beca81f97ecca93807e0f4c7fe73e019a3ccedbd220
SHA512

92d722e57b39a4c126507ce4341e17ff7adae75c6e12a9753215b77b4bb0ec0347dc56c810798c358bf62376fc94238c9b8cb804a09ef12e6fcd2f65b6ca2041
SSDEEP

49152:llZfI2n9IkZVqC2IWGDgLOcn4hco98WRO6LT+5OoDY8jwyL6inScmGaZGTnUkcNy:llZQinDuOcn4KF

Score

10^/10

bandook rat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

Relación de factura de cobro.exe

Resource

win7-20230220-en

bandook rat trojan upx

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

Relación de factura de cobro.exe

Resource

win10v2004-20230220-en

bandook rat trojan upx

windows10-2004-x64

5 signatures

300 seconds

Malware Config

Extracted

Family

bandook

C2

gombos.ru

Targets

- Target
  
  Relación de factura de cobro.exe
- Size
  
  4.6MB
- MD5
  
  5a21405b06a11ee03c24cc79ef910c3d
- SHA1
  
  388371ea56bd79813ef53152220d7c64396528ea
- SHA256
  
  3c099ec7363407c9fb742beca81f97ecca93807e0f4c7fe73e019a3ccedbd220
- SHA512
  
  92d722e57b39a4c126507ce4341e17ff7adae75c6e12a9753215b77b4bb0ec0347dc56c810798c358bf62376fc94238c9b8cb804a09ef12e6fcd2f65b6ca2041
- SSDEEP
  
  49152:llZfI2n9IkZVqC2IWGDgLOcn4hco98WRO6LT+5OoDY8jwyL6inScmGaZGTnUkcNy:llZQinDuOcn4KF
Score

10^/10

bandook rat trojan upx
- Bandook RAT
  Bandook is a remote access tool written in C++ and shipped with a loader written in Delphi.
  rat trojan bandook
- Bandook payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bandookrattrojanupx

behavioral2

bandookrattrojanupx

© 2018-2024

Terms | Privacy