bdaejec

General

Target

2024-11-16_cc8ec946be52ffe178e1d035ec3a2402_bkransomware_karagany_wapomi
Size

90KB
Sample

241116-hf7fza1hng
MD5

cc8ec946be52ffe178e1d035ec3a2402
SHA1

a5601c49c7e435f3b20bed3a39c304de132c44d9
SHA256

f74e3b764863a5629fc87d0ccb5a9ae3e80e1eafa590b2ac2b1175d8aad2e2d1
SHA512

ba0f91e0b86d9b3790673f9e5107b1320f33269821ce56f9cfe66c60e896bc4939a64334a8b9a371cc59266684f8ba5befbeb4bfde87790cc22bbdaa0aca02c0
SSDEEP

1536:KJgIzEO/p3BjXV1bG5r4rW7r4tc+L19sWjcdx8KaXYGCq2iW7z:ov1/G5+L1C60GCH

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  2024-11-16_cc8ec946be52ffe178e1d035ec3a2402_bkransomware_karagany_wapomi
- Size
  
  90KB
- MD5
  
  cc8ec946be52ffe178e1d035ec3a2402
- SHA1
  
  a5601c49c7e435f3b20bed3a39c304de132c44d9
- SHA256
  
  f74e3b764863a5629fc87d0ccb5a9ae3e80e1eafa590b2ac2b1175d8aad2e2d1
- SHA512
  
  ba0f91e0b86d9b3790673f9e5107b1320f33269821ce56f9cfe66c60e896bc4939a64334a8b9a371cc59266684f8ba5befbeb4bfde87790cc22bbdaa0aca02c0
- SSDEEP
  
  1536:KJgIzEO/p3BjXV1bG5r4rW7r4tc+L19sWjcdx8KaXYGCq2iW7z:ov1/G5+L1C60GCH
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2