bandook | aafafcec219765dbf2a4d4db4ecccd7d7b5bcc44613e80d833812dd9d074f434 | Triage

Submit
Reports

Overview

overview

Static

static

1

Factura de Cobro.exe

windows10-2004-x64

Sharing

General

Target

Factura de Cobro.exe
Size

7.5MB
Sample

230731-q19qtsgb83
MD5

c46c3de7dc67087e6007a1cc6d24abf1
SHA1

5e4edbe4d3206ea8dbba05f575a4a9312289591d
SHA256

aafafcec219765dbf2a4d4db4ecccd7d7b5bcc44613e80d833812dd9d074f434
SHA512

6f8d11131fb959046e57397dc76d342fe6ff8621764a84affbb4d52c63aef4dd123adc351f7c93c3d69233255c78045008339345569a1056a6b4f9a1af69ada6
SSDEEP

49152:CFQPSP5e3Ch3dKpJtxHe3AlDxZt4UUlAbisGOa3onvtkOsKmqggjrzVS+hG7mrOR:CaPfIH

Score

10^/10

bandook rat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

Factura de Cobro.exe

Resource

win10v2004-20230703-en

bandook rat trojan upx

windows10-2004-x64

5 signatures

600 seconds

Malware Config

Extracted

Family

bandook

C2

185.10.68.52

Targets

- Target
  
  Factura de Cobro.exe
- Size
  
  7.5MB
- MD5
  
  c46c3de7dc67087e6007a1cc6d24abf1
- SHA1
  
  5e4edbe4d3206ea8dbba05f575a4a9312289591d
- SHA256
  
  aafafcec219765dbf2a4d4db4ecccd7d7b5bcc44613e80d833812dd9d074f434
- SHA512
  
  6f8d11131fb959046e57397dc76d342fe6ff8621764a84affbb4d52c63aef4dd123adc351f7c93c3d69233255c78045008339345569a1056a6b4f9a1af69ada6
- SSDEEP
  
  49152:CFQPSP5e3Ch3dKpJtxHe3AlDxZt4UUlAbisGOa3onvtkOsKmqggjrzVS+hG7mrOR:CaPfIH
Score

10^/10

bandook rat trojan upx
- Bandook RAT
  Bandook is a remote access tool written in C++ and shipped with a loader written in Delphi.
  rat trojan bandook
- Bandook payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bandookrattrojanupx

© 2018-2024

Terms | Privacy