Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://docs.google....

windows10-2004-x64

10

Resubmissions

07-09-2023 14:20

230907-rndnasae2w 1

07-09-2023 13:35

230907-qv5jxsab37 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://docs.google.com/uc?id=1hy9hwzXPMxdqPlogoBfgaZDrlnyP2IAR&export=download&authuser=0

  • Sample

    230907-qv5jxsab37

Score
10/10
bandookrattrojanupx

Malware Config

Extracted

Family

bandook

C2

185.10.68.52

Targets

    • Target

      https://docs.google.com/uc?id=1hy9hwzXPMxdqPlogoBfgaZDrlnyP2IAR&export=download&authuser=0

    Score
    10/10
    bandookrattrojanupx

    • Bandook RAT

      Bandook is a remote access tool written in C++ and shipped with a loader written in Delphi.

      rattrojanbandook

    • Bandook payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks