General
-
Target
2024-11-11_ded63ff595c9a4631921eb72b85360f8_smoke-loader_wapomi
-
Size
80KB
-
Sample
241111-kfbemswjbv
-
MD5
ded63ff595c9a4631921eb72b85360f8
-
SHA1
f730847cec36413551b8285d2f767cb5235962f7
-
SHA256
07f3aad5ee9f530566d1e50383da184f108b85d9673afb3fbeb5f5123a16444b
-
SHA512
44733d0329f132738f8481d800a117207a3494963f917493f19654d7c05f47bbcede4fb2bcd3824608efd2221e75b6acb6d2163a48c368b182f9392ab495aa40
-
SSDEEP
1536:RfnLq01weW5yX3jFxv49Nu4GhQb6GCq2iW7z:Y3ysTGhQmGCH
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-11_ded63ff595c9a4631921eb72b85360f8_smoke-loader_wapomi.exe
Resource
win7-20240708-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
-
Target
2024-11-11_ded63ff595c9a4631921eb72b85360f8_smoke-loader_wapomi
-
Size
80KB
-
MD5
ded63ff595c9a4631921eb72b85360f8
-
SHA1
f730847cec36413551b8285d2f767cb5235962f7
-
SHA256
07f3aad5ee9f530566d1e50383da184f108b85d9673afb3fbeb5f5123a16444b
-
SHA512
44733d0329f132738f8481d800a117207a3494963f917493f19654d7c05f47bbcede4fb2bcd3824608efd2221e75b6acb6d2163a48c368b182f9392ab495aa40
-
SSDEEP
1536:RfnLq01weW5yX3jFxv49Nu4GhQb6GCq2iW7z:Y3ysTGhQmGCH
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is backdoor written in C++.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-