bdaejec | adb67d04b39c0e8e49b8a1d971c6075afcc9368cfdd03bef56cb2d236261d5f8 | Triage

Submit
Reports

Overview

overview

Static

static

3

4d6d89b1d3...18.exe

windows7-x64

4d6d89b1d3...18.exe

windows10-2004-x64

Sharing

General

Target

4d6d89b1d32bcf66067d2f1039f0e424_JaffaCakes118
Size

24KB
Sample

241016-r5788sverd
MD5

4d6d89b1d32bcf66067d2f1039f0e424
SHA1

765fdf813b3bba4dc81becec275abc534d0801a9
SHA256

adb67d04b39c0e8e49b8a1d971c6075afcc9368cfdd03bef56cb2d236261d5f8
SHA512

49a013dc42800d5ba1382ecbc1aa8068ab202b3d5d0f05fad70aae26493ebc37d6f2571019912b6d3feb01527caaa975de70a5948464ec9ca7561469dd4a39f4
SSDEEP

384:vVMEEDYM3MVAgrgISXXZQaD7U8iu4YsAa7ZA0UvH2lsRv21yW7GbAxur6+Y9Pffr:vGE4YM32A42ZQGPL4vzZq2o9W7GsxBbz

Score

10^/10

bdaejec aspackv2 backdoor discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4d6d89b1d32bcf66067d2f1039f0e424_JaffaCakes118.exe

Resource

win7-20240708-en

bdaejec aspackv2 backdoor discovery

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

4d6d89b1d32bcf66067d2f1039f0e424_JaffaCakes118.exe

Resource

win10v2004-20241007-en

bdaejec aspackv2 backdoor discovery

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  4d6d89b1d32bcf66067d2f1039f0e424_JaffaCakes118
- Size
  
  24KB
- MD5
  
  4d6d89b1d32bcf66067d2f1039f0e424
- SHA1
  
  765fdf813b3bba4dc81becec275abc534d0801a9
- SHA256
  
  adb67d04b39c0e8e49b8a1d971c6075afcc9368cfdd03bef56cb2d236261d5f8
- SHA512
  
  49a013dc42800d5ba1382ecbc1aa8068ab202b3d5d0f05fad70aae26493ebc37d6f2571019912b6d3feb01527caaa975de70a5948464ec9ca7561469dd4a39f4
- SSDEEP
  
  384:vVMEEDYM3MVAgrgISXXZQaD7U8iu4YsAa7ZA0UvH2lsRv21yW7GbAxur6+Y9Pffr:vGE4YM32A42ZQGPL4vzZq2o9W7GsxBbz
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bdaejecaspackv2backdoordiscovery

behavioral2

bdaejecaspackv2backdoordiscovery

© 2018-2025

Terms | Privacy