bdaejec

General

Target

d4df817d06e14b87444b82810af40d4cd443235f3682f5a26569a99a385ca5bd
Size

2.0MB
Sample

241122-h7k22swnf1
MD5

620a13621d019f9c701d3bc1222050ec
SHA1

de765d5cbfd9d11fc00ea86bc48fad173e188df3
SHA256

d4df817d06e14b87444b82810af40d4cd443235f3682f5a26569a99a385ca5bd
SHA512

d1364a9e53e890ef26ae67cea48d939fa56d5ab2b4f84031c25c880571134d4c45879110e16bc561ba63aab28e49744c0217f08f25ef4e8d7e497e7221fcc145
SSDEEP

49152:XgtB57UF2mb+j5mhKbFMXCLAWzKQT27JSPdoclPuw:75CIKbGXCLA2TkJSVoclP

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  d4df817d06e14b87444b82810af40d4cd443235f3682f5a26569a99a385ca5bd
- Size
  
  2.0MB
- MD5
  
  620a13621d019f9c701d3bc1222050ec
- SHA1
  
  de765d5cbfd9d11fc00ea86bc48fad173e188df3
- SHA256
  
  d4df817d06e14b87444b82810af40d4cd443235f3682f5a26569a99a385ca5bd
- SHA512
  
  d1364a9e53e890ef26ae67cea48d939fa56d5ab2b4f84031c25c880571134d4c45879110e16bc561ba63aab28e49744c0217f08f25ef4e8d7e497e7221fcc145
- SSDEEP
  
  49152:XgtB57UF2mb+j5mhKbFMXCLAWzKQT27JSPdoclPuw:75CIKbGXCLA2TkJSVoclP
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2