bandook | 4f4992ebc64f845f531c2e7f3c1a819037c685686ec5a9af906eee4d363908aa | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

Solicitud ...ra.exe

windows10-2004-x64

Resubmissions

16/03/2025, 13:30

250316-qrty1svqz3 10

01/08/2023, 15:16

230801-snfnbsgh37 3

Sharing

General

Target

Solicitud de Compra.exe
Size

5.5MB
Sample

250316-qrty1svqz3
MD5

0bcccce2c010c4ec39808cf326f825cf
SHA1

2bc786d519645a83e985fcd907758fdd7fe12686
SHA256

4f4992ebc64f845f531c2e7f3c1a819037c685686ec5a9af906eee4d363908aa
SHA512

c0aa3601b1193f7f65f69e7b62bf55634f073fe8019eeeef427f3fc70bded553f9aef3230909de6ed07b9df7057efab6879912d00465014ca45db4b2cf0120ed
SSDEEP

49152:sXW7Cv1EIBjk50b1fUsJyi3GGfxkzIHLfiZz3LIFmTb+HUwrD4KhwGpzqROieIMm:k

Score

10^/10

bandook discovery rat trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Solicitud de Compra.exe

Resource

win10v2004-20250313-en

bandook discovery rat trojan upx

windows10-2004-x64

7 signatures

600 seconds

Malware Config

Extracted

Family

bandook

C2

185.10.68.52

Targets

- Target
  
  Solicitud de Compra.exe
- Size
  
  5.5MB
- MD5
  
  0bcccce2c010c4ec39808cf326f825cf
- SHA1
  
  2bc786d519645a83e985fcd907758fdd7fe12686
- SHA256
  
  4f4992ebc64f845f531c2e7f3c1a819037c685686ec5a9af906eee4d363908aa
- SHA512
  
  c0aa3601b1193f7f65f69e7b62bf55634f073fe8019eeeef427f3fc70bded553f9aef3230909de6ed07b9df7057efab6879912d00465014ca45db4b2cf0120ed
- SSDEEP
  
  49152:sXW7Cv1EIBjk50b1fUsJyi3GGfxkzIHLfiZz3LIFmTb+HUwrD4KhwGpzqROieIMm:k
Score

10^/10

bandook discovery rat trojan upx
- Bandook RAT
  Bandook is a remote access tool written in C++ and shipped with a loader written in Delphi.
  rat trojan bandook
- Bandook family
  bandook
- Bandook payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bandookdiscoveryrattrojanupx

© 2018-2025

Terms | Privacy