Extracted

• • Target

    dc-injector.exe

  • Size

    3.0MB

  • MD5

    ba17f9dea338619676a2e877af75986e

  • SHA1

    046af9868e0aab58869d7434b0154b70d6a42b09

  • SHA256

    0173e92a74009fc1ac7281be8d9a4419296f7eafe9bffcd3911cb3275380148f

  • SHA512

    826f69007425b48ff400f6abd815ad5f9d3ed1d164b1c617f0764e6affafde4e1bf24e7fb1ab488633e2f4d28c7d50b29ae800d941aa83f2d6671ab4b47f575f

  • SSDEEP

    49152:6nsHyjtk2MYC5GDZeCcNPdVQ0RPi48s4Q+hU/EIOfwjIbuS4cn4d+329mvGK79z:6nsmtk2a8elPd20R6ls4bhUsIOJbuS4Q

  Score

  10^/10

  bdaejecaspackv2backdoordiscoverypersistence

  • Bdaejec

    Bdaejec is a backdoor written in C++.

    backdoorbdaejec

  • Detects Bdaejec Backdoor.

    Bdaejec is backdoor written in C++.

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence

  • Checks system information in the registry

    System information is often read in order to detect sandboxing environments.

  behavioral1behavioral2