General

  • Target

    2024-11-02_5a34a1c452676c18c9397f257917b481_bandook_magniber_poison-ivy

  • Size

    15.5MB

  • MD5

    5a34a1c452676c18c9397f257917b481

  • SHA1

    f1b11571f6d1367bbcef89f3fb0db0bd41b2bb49

  • SHA256

    7bf75bbe38df9363343e1e559693da63b84770ff7720ada3a50bf4c926cf2445

  • SHA512

    bb20ba636059686d162b94f5c8154624d741a0456b3a07f904f424e1d19035e231b39a76b50c8709c59e0c24be750f5fd73525c93b1b8b981f8d15645d72590e

  • SSDEEP

    98304:3UT0sibyuZIt8ZQrW8DgZS7vUKma/Gm/NypJEVwXd0aCY3X:3HyuZIt8ZQrDa7a/GmkewNZf

Score
10/10

Signatures

  • Bandook family
  • Bandook payload 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-11-02_5a34a1c452676c18c9397f257917b481_bandook_magniber_poison-ivy
    .exe windows:6 windows x86 arch:x86

