General

  • Target

    029046309b16b9d51bbc45e379f5a9e3fda17bafa4484da7856ad23782e806fbN

  • Size

    304KB

  • Sample

    241027-qrqxcswjar

  • MD5

    b5c30d0e415861f40c00cb4a79e7a280

  • SHA1

    60354e80dc2e3b541f791a6f4610b80ebd82eae8

  • SHA256

    029046309b16b9d51bbc45e379f5a9e3fda17bafa4484da7856ad23782e806fb

  • SHA512

    8c0bd617cfd8e9fc215bb5b26a1d0f2239aa3d022e240a4d713a9e9c0ece6156ae9cd64b79b297737377d150125af098d8b231c7db9de1b181b2f99da54c9077

  • SSDEEP

    3072:olj9/PP57UJyuhpdDoH5ezT89zCsHoSoGCH:oBPIJy15ezT89zhP

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks