Extracted

• • Target

    DOCUMENTO_ARCHIVO1/PRINTDOC-09052023.exe

  • Size

    3.8MB

  • MD5

    d44f2a8d0135955203cf3547a1a311dd

  • SHA1

    f8b2d00e6197e2aebe599534ae514b096673e6d0

  • SHA256

    592f1fe8188a4288f03a30216df82180e75859191e0b7f9bc52df578d95c7dcd

  • SHA512

    f5c1e97c069a7c6dce5177ce287707752d40d47b13379516fbcd1fade3d33af09fcbba8283b5e98290a318afa1ddb4ad706e361a1d1d71a6844b6f4281df3feb

  • SSDEEP

    49152:zbVyaPRR0w9TpccGbyIVNYSa3QYHuUerbRnzZuJ0Zamp:zU7

  Score

  10^/10

  bandookrattrojanupx

  • Bandook RAT

    Bandook is a remote access tool written in C++ and shipped with a loader written in Delphi.

    rattrojanbandook

  • Bandook payload

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2