General
Target: ib.exe
Size: 36KB
Sample: 241026-nsz6bavekl
MD5: 1913f1b56f94a777c0130ef6e358586f
SHA1: b1bc6735532a06744d37245f172408f8c2f062b0
SHA256: 79757b669da7754fb0319e313a1c24b9c9e170b7815174ca55959eb3bbca43f3
SHA512: b838ae8f592776e80c25e4e6280a6e778fa1a1073d62aea9bd6604bdf25248848a45c8589373a0dd978a6193b8ac454eadf53ebcf187dcaa1eb1308cb0a4799c
SSDEEP: 768:1LtEcKD6bLDnaJy+bDbM7fSqQGPL4vzZq2o9W7GsxBbPr:1LdugLjR+yfSJGCq2iW7z
Static task
static1
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-