General

  • Target

    Bandicam.rar

  • Size

    31.3MB

  • Sample

    240613-spvtmsthja

  • MD5

    457ce9f806cb87df3b40cf1bbaa864b1

  • SHA1

    b90f8d4e4df918c18b79400ed6f3b41812d14d2f

  • SHA256

    84c628adba7d09e7621579a147e6d2daa189dd4f47a86e6095d05cd696fcd570

  • SHA512

    97eebc9b1827b10ac4f4c8fb55769c9d19c86376b2d34fa4178f451ae951ef447274ceb97db88fc0a65a14a58fc5af999865d095b1714cc071e1b3460191a0bc

  • SSDEEP

    786432:1pIyS4sUruJgghGs1OkNVZ8lnWO2ULb6Bg78Fq0em/:1p+4s3JgghzJNv8ltb6Bg7wZ/

Score
7/10

Targets

    • Target

      Bandicam/bdcam_setup.bat

    • Size

      61KB

    • MD5

      04c9207727dc5474f2deb587e591881b

    • SHA1

      c7217d5a6992ed4b258cfe4e0689b15e37077d0f

    • SHA256

      b9fec10884cff054689605514294b72870bebf085eebedfd8555123127688272

    • SHA512

      44827e60c68a8dc572f9fe1e35a1a32cd56a5fbcfd8d85344c309daf60ef233995a2353e776e648706430f60ac4eeddb53a40cd13ad53f28e4ac23d6d0df87cd

    • SSDEEP

      1536:7Ysjgm7LaXhXOXn3IXsz/oeQWewbUZHDjY9:7EXheZz/oel2ZHHc

    Score
    7/10
    • Executes dropped EXE

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      Bandicam/bdcam_setup2.bat

    • Size

      70KB

    • MD5

      8a522dec33821148711c857d983651c1

    • SHA1

      2641393f1fd63466a4b35ea632b9c177ac3bbbcb

    • SHA256

      fd83c925242c80089404bda5cbeee012ed4592c9fdd9dceba2d0ed43dad451d4

    • SHA512

      d14f57f949f1a519966a3bfba27d79aa34c32474e573031f35eee8a743d971cb771c8e7c8f82de094e47bc7c08744c5f3eb5e082e809149efc0accfbc4786261

    • SSDEEP

      1536:Adgu9vQizEgn0/6xwWhyYS2LEkTBR+MSD9dCr:ADzEowWhyeQIR+MMur

    Score
    7/10
    • Executes dropped EXE

    • Suspicious use of NtSetInformationThreadHideFromDebugger
