General
Target: 2024-11-17_4f825b9717b4067cce5bc917e3fab377_smoke-loader_wapomi
Size: 80KB
Sample: 241117-l4vnvsxdqg
MD5: 4f825b9717b4067cce5bc917e3fab377
SHA1: 7baa522033a79e9a4a6ce5ea10de0ce37b78bf48
SHA256: b09ab01fac4fa50b5208680ddff09109941d4b0905feaf0b3f64b9d7c2c94734
SHA512: a663de68a713125b4c28e18d6247733683170e6e04d0f65942fa13d1e04daa998d58d6b34f6dd191eb963a0ded4ca315b930f898eb76669e2c2489f3f2fea398
SSDEEP: 1536:RfnLq01weW5yX3jFxv49Nu4GhQnZGCq2iW7z:Y3ysTGhQZGCH
Static task: static1
Behavioral task: behavioral1
Sample: 2024-11-17_4f825b9717b4067cce5bc917e3fab377_smoke-loader_wapomi.exe
Resource: win7-20240729-en
Malware Config
Extracted family: bdaejec
Extracted domain: ddos.dnsnb8.net
Targets
Target: 2024-11-17_4f825b9717b4067cce5bc917e3fab377_smoke-loader_wapomi
Size: 80KB
MD5: 4f825b9717b4067cce5bc917e3fab377
SHA1: 7baa522033a79e9a4a6ce5ea10de0ce37b78bf48
SHA256: b09ab01fac4fa50b5208680ddff09109941d4b0905feaf0b3f64b9d7c2c94734
SHA512: a663de68a713125b4c28e18d6247733683170e6e04d0f65942fa13d1e04daa998d58d6b34f6dd191eb963a0ded4ca315b930f898eb76669e2c2489f3f2fea398
SSDEEP: 1536:RfnLq01weW5yX3jFxv49Nu4GhQnZGCq2iW7z:Y3ysTGhQZGCH
Signatures:
Bdaejec family
Detects Bdaejec Backdoor. Bdaejec is a backdoor written in C++.
Checks computer location settings
Looks up the country code configured in the registry, likely a geofence.
Executes dropped EXE
Loads dropped DLL