General

  • Target

    2024-11-11_ded63ff595c9a4631921eb72b85360f8_smoke-loader_wapomi

  • Size

    80KB

  • Sample

    241111-kfbemswjbv

  • MD5

    ded63ff595c9a4631921eb72b85360f8

  • SHA1

    f730847cec36413551b8285d2f767cb5235962f7

  • SHA256

    07f3aad5ee9f530566d1e50383da184f108b85d9673afb3fbeb5f5123a16444b

  • SHA512

    44733d0329f132738f8481d800a117207a3494963f917493f19654d7c05f47bbcede4fb2bcd3824608efd2221e75b6acb6d2163a48c368b182f9392ab495aa40

  • SSDEEP

    1536:RfnLq01weW5yX3jFxv49Nu4GhQb6GCq2iW7z:Y3ysTGhQmGCH

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks