General

  • Target

    1b27d568e090c376a9afdc08dc0a18b4d0fe12d10b3f4f6e37cb4ddd4de86f2eN

  • Size

    96KB

  • Sample

    241030-rzj98atqdw

  • MD5

    f8de2772a14f7aba72f1a8768ca84b80

  • SHA1

    3c80b9317399f19b3ec89f0ad7fe93e65d574739

  • SHA256

    1b27d568e090c376a9afdc08dc0a18b4d0fe12d10b3f4f6e37cb4ddd4de86f2e

  • SHA512

    5bd6c6af543134b0434def62bfad6d12b43584e9cada6b69a57da47b18079420300beff84cbb4567bd89eea67f1f004a96e1abb8464e0addbadd87b05c79fe70

  • SSDEEP

    1536:pECLKU4+dwC/p0cQ7ZCAINqPDHuXnvE0oK1eMGCq2iW7z:pJLrp0cQ7QAINqPDHQncAGCH

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      1b27d568e090c376a9afdc08dc0a18b4d0fe12d10b3f4f6e37cb4ddd4de86f2eN

    • Size

      96KB

    • MD5

      f8de2772a14f7aba72f1a8768ca84b80

    • SHA1

      3c80b9317399f19b3ec89f0ad7fe93e65d574739

    • SHA256

      1b27d568e090c376a9afdc08dc0a18b4d0fe12d10b3f4f6e37cb4ddd4de86f2e

    • SHA512

      5bd6c6af543134b0434def62bfad6d12b43584e9cada6b69a57da47b18079420300beff84cbb4567bd89eea67f1f004a96e1abb8464e0addbadd87b05c79fe70

    • SSDEEP

      1536:pECLKU4+dwC/p0cQ7ZCAINqPDHuXnvE0oK1eMGCq2iW7z:pJLrp0cQ7QAINqPDHQncAGCH

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks