bdaejec

General

Target

68e41891de669b2fec8a9be7eb76b4e111dc60667ff668f3fa8bd329d28f999cN
Size

650KB
Sample

241102-qg9aysverh
MD5

7e599447bb5678e0203433604289fc10
SHA1

4b904b2bd6c28cf7a167a9aa78832adc712bdde0
SHA256

68e41891de669b2fec8a9be7eb76b4e111dc60667ff668f3fa8bd329d28f999c
SHA512

d4d674c08976b9a4063601ee557a3a229b6075c6e35f6fa44c6e629733dbc01e210c88a4033d2965f198257abb44aadfa0f9524756940e51f61ae5791d1168e4
SSDEEP

12288:RhMrzivePPYQmwPJKoXc8SM64DNRoXPirgSKzuq:jMHivMPUgSp4DNv0x

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  68e41891de669b2fec8a9be7eb76b4e111dc60667ff668f3fa8bd329d28f999cN
- Size
  
  650KB
- MD5
  
  7e599447bb5678e0203433604289fc10
- SHA1
  
  4b904b2bd6c28cf7a167a9aa78832adc712bdde0
- SHA256
  
  68e41891de669b2fec8a9be7eb76b4e111dc60667ff668f3fa8bd329d28f999c
- SHA512
  
  d4d674c08976b9a4063601ee557a3a229b6075c6e35f6fa44c6e629733dbc01e210c88a4033d2965f198257abb44aadfa0f9524756940e51f61ae5791d1168e4
- SSDEEP
  
  12288:RhMrzivePPYQmwPJKoXc8SM64DNRoXPirgSKzuq:jMHivMPUgSp4DNv0x
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2