Overview

overview

10

Static

static

3

2024-11-14...mi.exe

windows7-x64

10

2024-11-14...mi.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-14_ee8ade30845b976ed871906a0b1811da_karagany_mafia_wapomi

  • Size

    120KB

  • Sample

    241114-nsh7ssyemb

  • MD5

    ee8ade30845b976ed871906a0b1811da

  • SHA1

    063bc9d23bae1f98630740ad46645a9814ebe116

  • SHA256

    45a7c1344bbc0ba3ff8069cba55924bfd963eaa46910b999cc661d48559f7d28

  • SHA512

    8dba41e600bca290af62d2a1defb8084f44763cd5202989e3048273af8a7e44669256bd79eadba2f37e32be2053311ed9065db1d6906f19b8b7e85b93889b1da

  • SSDEEP

    3072:FOzAt7oScwptXd1PS7U4j4XuKnwEmGCH:FP7ZtXTateu3Ev

Score
10/10
bdaejecaspackv2backdoordiscovery

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      2024-11-14_ee8ade30845b976ed871906a0b1811da_karagany_mafia_wapomi

    • Size

      120KB

    • MD5

      ee8ade30845b976ed871906a0b1811da

    • SHA1

      063bc9d23bae1f98630740ad46645a9814ebe116

    • SHA256

      45a7c1344bbc0ba3ff8069cba55924bfd963eaa46910b999cc661d48559f7d28

    • SHA512

      8dba41e600bca290af62d2a1defb8084f44763cd5202989e3048273af8a7e44669256bd79eadba2f37e32be2053311ed9065db1d6906f19b8b7e85b93889b1da

    • SSDEEP

      3072:FOzAt7oScwptXd1PS7U4j4XuKnwEmGCH:FP7ZtXTateu3Ev

    Score
    10/10
    bdaejecaspackv2backdoordiscovery

    • Bdaejec

      Bdaejec is a backdoor written in C++.

      backdoorbdaejec

    • Bdaejec family

      bdaejec

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks