bdaejec

General

Target

986b1a99ce62804164313a51d9141315d9af6b8bf4ee9cf84c86648b31052e2a
Size

1.7MB
Sample

241117-jj5xzsverq
MD5

36b7c227dc3c628140af9b243ae11234
SHA1

324b0c88bee438b60b6df29d800207446f28ac21
SHA256

986b1a99ce62804164313a51d9141315d9af6b8bf4ee9cf84c86648b31052e2a
SHA512

3acc6c87cfc610ac93c6ba0b54e340e27d5d87fe9dc0dcaa6fb64c5530fc399c124e83c50aeae6f72b790ead31022b5c1863c1f49e476daa52977ff314c95124
SSDEEP

49152:ob95oohZXtemBiR8qfqlQ+oqPxGFFmbn:W5ooXXtemkslQvFEz

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  986b1a99ce62804164313a51d9141315d9af6b8bf4ee9cf84c86648b31052e2a
- Size
  
  1.7MB
- MD5
  
  36b7c227dc3c628140af9b243ae11234
- SHA1
  
  324b0c88bee438b60b6df29d800207446f28ac21
- SHA256
  
  986b1a99ce62804164313a51d9141315d9af6b8bf4ee9cf84c86648b31052e2a
- SHA512
  
  3acc6c87cfc610ac93c6ba0b54e340e27d5d87fe9dc0dcaa6fb64c5530fc399c124e83c50aeae6f72b790ead31022b5c1863c1f49e476daa52977ff314c95124
- SSDEEP
  
  49152:ob95oohZXtemBiR8qfqlQ+oqPxGFFmbn:W5ooXXtemkslQvFEz
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2