Extracted

• • Target

    2024-11-20_079ae0b0e931b7b3434f5a8ae6652d1c_karagany_mafia_wapomi

  • Size

    120KB

  • MD5

    079ae0b0e931b7b3434f5a8ae6652d1c

  • SHA1

    e73bf988d7cba9144cfddb5b7fc038fd264a9920

  • SHA256

    232bbb3459ac5606b0a89c6b6296f40d7b3e764d0d9c628b905920799e0b9615

  • SHA512

    0618d4fad9415be0fc6ec948c14c8bd86534257a843b80c6a8252f396bcb5a85c187aa31bc622bb980d4082e8ca53a57cee144006e612d94ef36c1e962dfca7d

  • SSDEEP

    3072:FOzAt7oScwptXd1PS7U4j4XuKnwERGCH:FP7ZtXTateu3EE

  Score

  10^/10

  bdaejecaspackv2backdoordiscovery

  • Bdaejec

    Bdaejec is a backdoor written in C++.

    backdoorbdaejec

  • Bdaejec family

    bdaejec

  • Detects Bdaejec Backdoor.

    Bdaejec is backdoor written in C++.

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2