General

  • Target

    BandagedBD_Windows.exe

  • Size

    112KB

  • Sample

    240809-h3nx5s1gnc

  • MD5

    5771dc777121b6db68b13177c6d2f479

  • SHA1

    5da5787b7fc16b23a580ca2fb59e596d7ca35a98

  • SHA256

    5381cf1c07d26fd6eaebf43c14e27edc787e03e2e2959d7fcc106196fce9516f

  • SHA512

    fcdcfc0631295d3317063fc2b4e2054cff87f8bc597e0c4481c023d2afabbdd97180d15420b94882d2b85d7dd4d147975312bab6d22b9393f1e9009f03753d72

  • SSDEEP

    1536:uqv7jfumxFM6EajCJyPOcF0bAtYFpFWtFn3VR6Bl:u6/mSOC09/WLn3Or

Score
8/10

Targets

    • Target

      BandagedBD_Windows.exe

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2
