General

  • Target

    0c2000fa8a185f25aa0e88fc2e3cf05c4dfa2595cc83ba45fec86b8e6fa98ab3

  • Size

    2.0MB

  • Sample

    241104-lqklqsxnfy

  • MD5

    ec04241b7d457e05de19ed704d1d8fbb

  • SHA1

    0dab7f70c0da90d64eff00696bbf3510fa404f47

  • SHA256

    0c2000fa8a185f25aa0e88fc2e3cf05c4dfa2595cc83ba45fec86b8e6fa98ab3

  • SHA512

    98d1e4fd4ffcadb035181643c2b693543ec8f1d6a9c8ce556fbfd54a1d19f0210a1b4c6dd69beb92cb8a7d7e871d2d9159c6e377d7d8e31c477313a599528c1a

  • SSDEEP

    49152:b9DQojSpn7SiHbNwkerEt8UKWUCKZN2oyl6UR5dij0VNB4ifkDXrVL+WC6DEF:lQojSpOiHbNwHEtzKWUCKZN2oyMANLfj

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL