General

  • Target

    9ade9cc07927b1ec62614128eac5801b4ab5994ce753df4048dcb6509d783187

  • Size

    7.9MB

  • Sample

    241031-ks795svhml

  • MD5

    0e9b0cf7ad86bf6fe629240d346774fe

  • SHA1

    f19bdc45143d471702b5c12372fbe1a707887626

  • SHA256

    9ade9cc07927b1ec62614128eac5801b4ab5994ce753df4048dcb6509d783187

  • SHA512

    67b42e9fba9356aaabbe73e7f282fe323303937729c23f9fe566b83f33c6e2453dc4265aae2aa350f69f0e57149efa0864ad92b366c2da6ed72aa931c86f916f

  • SSDEEP

    98304:88sjk6EVOvx8Bz8cS8jC+lJD2jIxzzBLGYCG0VOluKWVQPcwPyU8ZZWEzLnFnG6G:uj1EUm2pEVlN2jIzk/Oyqrqw4nDzLP8

Malware Config

Extracted

  • Family

    bdaejec

  • C2

    ddos.dnsnb8.net

Targets

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

MITRE ATT&CK Enterprise v15

Tasks