bdaejec

General

Target

cb0d303f66d5ace8ee689b69adeeee25f048619bcb7102a523aba9af30185f26N
Size

1.8MB
Sample

241031-n9d96sxhqc
MD5

71a569b204a670aae81a0ca014f8afa0
SHA1

04aa15581585a57fba85ba2c7c80b720f29a1474
SHA256

cb0d303f66d5ace8ee689b69adeeee25f048619bcb7102a523aba9af30185f26
SHA512

c1df09c80257c664b48853ee0ec9ab0bb983dce51f1e453c5f361eb8f88068fbca6d8929fc9b72b60860a4c9bd9f0ffaf424d739e293842e0b78b7764c1bb307
SSDEEP

49152:hPt8WJ3SeUjEqED4wAmE5G9ZC3tr4aS6BMWdE95AhcL6:DVCpED4wALU983tfS6pkh

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  cb0d303f66d5ace8ee689b69adeeee25f048619bcb7102a523aba9af30185f26N
- Size
  
  1.8MB
- MD5
  
  71a569b204a670aae81a0ca014f8afa0
- SHA1
  
  04aa15581585a57fba85ba2c7c80b720f29a1474
- SHA256
  
  cb0d303f66d5ace8ee689b69adeeee25f048619bcb7102a523aba9af30185f26
- SHA512
  
  c1df09c80257c664b48853ee0ec9ab0bb983dce51f1e453c5f361eb8f88068fbca6d8929fc9b72b60860a4c9bd9f0ffaf424d739e293842e0b78b7764c1bb307
- SSDEEP
  
  49152:hPt8WJ3SeUjEqED4wAmE5G9ZC3tr4aS6BMWdE95AhcL6:DVCpED4wALU983tfS6pkh
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2