Bandook

Malware Profile Updated 2 days ago
Bandook is a long-standing Remote Access Trojan (RAT) that primarily targets Windows machines. Like other malware, it is designed to exploit and damage computers or devices without the user's knowledge, and it can reach systems through channels such as suspicious downloads, emails, or websites. Once it gains access, Bandook can steal personal information, disrupt operations, or even hold data hostage for ransom.

The Bandook RAT has been observed being distributed via email as a compressed attachment (#9454 and #9455). This delivery method makes it easier for the malware to bypass initial security measures and makes detection more difficult. When unsuspecting users open these attachments, the malware is installed on their system, giving the attacker remote access to and control over the victim's computer.

SafeBreach has provided coverage of the Bandook RAT, highlighting its capabilities and methods of infiltration, and has emphasized the importance of maintaining up-to-date security measures to protect against such threats. Despite its long existence, Bandook remains a significant threat because of its sophisticated techniques and its ability to adapt and evolve to bypass security measures.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Trojan
RAT
Windows
Payload
Firefox
Fortiguard
Chrome
Phishing
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Bandook Malware was read from the documents corpus below. This display is limited to 20 results.

| Source | Created At | Title |
| --- | --- | --- |
| MITRE | a year ago | Bandook: Signed & Delivered - Check Point Research |
| CERT-EU | 5 months ago | Bandook - A Persistent Threat That Keeps Evolving \| FortiGuard Labs |
| Fortinet | 5 months ago | Bandook - A Persistent Threat That Keeps Evolving \| FortiGuard Labs |
| Malware-traffic-analysis.net | 10 months ago | Malware-Traffic-Analysis.net - 2023-08-01 - Bandook infection |
| CERT-EU | 3 months ago | ALPHV Blackcat, GCP-Native Attacks, Bandook RAT, NoaBot Miner, Ivanti Secure Vulnerabilities, and More: Hacker’s Playbook Threat Coverage Round-up: February 2024 |
| Securityaffairs | 5 months ago | Long-existing Bandook RAT targets Windows machines |
| CERT-EU | 5 months ago | Unveiling ‘Bandook’: A Threat that Adapts and Persists |
| CERT-EU | 5 months ago | New Bandook RAT Variant Resurfaces, Targeting Windows Machines |
| CERT-EU | 5 months ago | Windows systems targeted by updated Bandook RAT |
| CERT-EU | a year ago | Links 11/02/2023: Zstandard 1.5.4 Released and Red Hat Promotes Microsoft |
| Securityaffairs | 3 months ago | Security Affairs newsletter Round 462 by Pierluigi Paganini |
| Securityaffairs | 3 months ago | Security Affairs newsletter Round 459 by Pierluigi Paganini |
| Securityaffairs | 2 months ago | Security Affairs newsletter Round 464 by Pierluigi Paganini |
| Securityaffairs | 4 months ago | Security Affairs newsletter Round 457 by Pierluigi Paganini |
| Securityaffairs | 4 months ago | Security Affairs newsletter Round 454 by Pierluigi Paganini |
| Securityaffairs | 4 months ago | Security Affairs newsletter Round 454 by Pierluigi Paganini |
| Securityaffairs | 3 months ago | Security Affairs newsletter Round 460 by Pierluigi Paganini |
| Securityaffairs | 2 months ago | Security Affairs newsletter Round 465 by Pierluigi Paganini |
| Securityaffairs | 3 months ago | Security Affairs newsletter Round 461 by Pierluigi Paganini |
| Securityaffairs | 23 days ago | Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION |