Extracted

• • Target

    COMPROBANTE DE PAGO MES SEPTIEMBRE-06T1.exe

  • Size

    3.2MB

  • MD5

    fb4fc5d42c4ef25aa2c03acf8ff50341

  • SHA1

    fac0d2c08fd458f2900b44a52812de829857ec67

  • SHA256

    970928c0e98061583e086cc6bf53675946b11e323e53fa2abd6f0218645378b7

  • SHA512

    ef1c6ec81c0945f19aa44a26cb2ae63d8721a04ff9defd07430afbffbbf3b7ab25c134998d76a437bdb43bb552d121f92bc4bc3b7535aa331ebdcacc5c0b8289

  • SSDEEP

    49152:6+Laj3yT7ywgoTx/OuR1DjKszq5rjraDv7c93OhlZ:XLAyB

  Score

  10^/10

  bandookrattrojanupx

  • Bandook RAT

    Bandook is a remote access tool written in C++ and shipped with a loader written in Delphi.

    rattrojanbandook

  • Bandook payload

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2