General

  • Target

    155f8fdbc153303dd012077dcdbbeb240c6f793405f7568d4cb3be19520774b3N

  • Size

    52KB

  • Sample

    241029-gr4zjsxbpr

  • MD5

    824dd4a69331450d13208e31707566d0

  • SHA1

    3c44387aad8c4db01cad17b358d5f159286374e0

  • SHA256

    155f8fdbc153303dd012077dcdbbeb240c6f793405f7568d4cb3be19520774b3

  • SHA512

    3984a67689240efa6821db54711327976161526b5b43e87925f26aa470ab8c4c7f82656b07cacccb286da4ff1f2a0d13de50cbaf9102b66f0e05802bd617ebe5

  • SSDEEP

    768:QVMe3Vk9haLNFZ131W8g/t6QGPL4vzZq2o9W7GsxBbPr:uMASiLNFZdO/t5GCq2iW7z

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      155f8fdbc153303dd012077dcdbbeb240c6f793405f7568d4cb3be19520774b3N

    • Size

      52KB

    • MD5

      824dd4a69331450d13208e31707566d0

    • SHA1

      3c44387aad8c4db01cad17b358d5f159286374e0

    • SHA256

      155f8fdbc153303dd012077dcdbbeb240c6f793405f7568d4cb3be19520774b3

    • SHA512

      3984a67689240efa6821db54711327976161526b5b43e87925f26aa470ab8c4c7f82656b07cacccb286da4ff1f2a0d13de50cbaf9102b66f0e05802bd617ebe5

    • SSDEEP

      768:QVMe3Vk9haLNFZ131W8g/t6QGPL4vzZq2o9W7GsxBbPr:uMASiLNFZdO/t5GCq2iW7z

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks