Overview

overview

10

Static

static

3

Gaming Chair.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Gaming Chair.exe

  • Size

    2.1MB

  • Sample

    241119-rqeclsxbjf

  • MD5

    9503205a5f7581720f7fa6348c49a93b

  • SHA1

    34453ec11bb30ae10519a468deaefbf3f965fe3a

  • SHA256

    0dca41e17e4f286a420dd2e6fbbd9ad460f1dac1f3de83672fa9de977f6b6402

  • SHA512

    0524cabf5d0b87bf6f34a1c2e2cc3eef85e95e5b3fdd66fc60e5e07e4c0ce7cdbeb9eca7778bae5b4a0302ce822a08ce30c346d62bdbd746e2c8c6c8fe015191

  • SSDEEP

    49152:xMi7EDQljtuC9Ss8k9yi83GMB5rr3KJPjFJa9Ndcs8Mcs8Mcs8Mcs8M7Lbr7Lbr6:xBYDQ1th9SVk99scB

Score
10/10
bdaejecaspackv2backdoordiscoveryevasionexecution

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      Gaming Chair.exe

    • Size

      2.1MB

    • MD5

      9503205a5f7581720f7fa6348c49a93b

    • SHA1

      34453ec11bb30ae10519a468deaefbf3f965fe3a

    • SHA256

      0dca41e17e4f286a420dd2e6fbbd9ad460f1dac1f3de83672fa9de977f6b6402

    • SHA512

      0524cabf5d0b87bf6f34a1c2e2cc3eef85e95e5b3fdd66fc60e5e07e4c0ce7cdbeb9eca7778bae5b4a0302ce822a08ce30c346d62bdbd746e2c8c6c8fe015191

    • SSDEEP

      49152:xMi7EDQljtuC9Ss8k9yi83GMB5rr3KJPjFJa9Ndcs8Mcs8Mcs8Mcs8M7Lbr7Lbr6:xBYDQ1th9SVk99scB

    Score
    10/10
    bdaejecaspackv2backdoordiscoveryevasionexecution

    • Bdaejec

      Bdaejec is a backdoor written in C++.

      backdoorbdaejec

    • Bdaejec family

      bdaejec

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • Stops running service(s)

      evasionexecution

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks