bdaejec

General

Target

9246e6040fa27a14d1b9e7d605f0811e9f4abee4da205de815e6f787d21d8161N
Size

86KB
Sample

241018-zpb5vszcln
MD5

36134427460906d5c1b0e93ebe09bd10
SHA1

b79c2cac3357b1271ef1ddb7d9d481ae06c57a99
SHA256

9246e6040fa27a14d1b9e7d605f0811e9f4abee4da205de815e6f787d21d8161
SHA512

0db2b623a9f5456ff9e4ff5e4f77e919b56e00fafd2f3e70cf9b963d3b992a1a7fbcf314e403da483e026f710fa93ea88ea28fb531ec39f77431808a43b5c56e
SSDEEP

1536:L6UzoyE5BIKEJRjZa7NdUYDg/JrE1Uw7UIQmGCq2iW7z:uU8ycaKEJRdkTNYJrnw7zGCH

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  9246e6040fa27a14d1b9e7d605f0811e9f4abee4da205de815e6f787d21d8161N
- Size
  
  86KB
- MD5
  
  36134427460906d5c1b0e93ebe09bd10
- SHA1
  
  b79c2cac3357b1271ef1ddb7d9d481ae06c57a99
- SHA256
  
  9246e6040fa27a14d1b9e7d605f0811e9f4abee4da205de815e6f787d21d8161
- SHA512
  
  0db2b623a9f5456ff9e4ff5e4f77e919b56e00fafd2f3e70cf9b963d3b992a1a7fbcf314e403da483e026f710fa93ea88ea28fb531ec39f77431808a43b5c56e
- SSDEEP
  
  1536:L6UzoyE5BIKEJRjZa7NdUYDg/JrE1Uw7UIQmGCq2iW7z:uU8ycaKEJRdkTNYJrnw7zGCH
Score

10^/10

bdaejec aspackv2 backdoor discovery upx
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2