General
-
Target
2024-11-22_26e460032f2b6d66bfee473093015ae4_smoke-loader_wapomi
-
Size
1.2MB
-
Sample
241122-njlxbswjbr
-
MD5
26e460032f2b6d66bfee473093015ae4
-
SHA1
83e6c4e5a82457c1efcbe36f61881637c98c4e7c
-
SHA256
0d87579d3f433b358a354ffb9fa1fc4276c63f4ffbd4ea9b7375519619435478
-
SHA512
63b7653c7bcd77863e4550f6ad33fb0cdfefbc92c03712fc690f145f24052763caebae95941fdd81146648a0298f97295091492ae27a48a4301ac18072afe96a
-
SSDEEP
24576:07GO7dtrjrICw9XuXo7beSTdt5xbX02uvfTXfBxrj3d5E/jKQvVj4YpdjYY0td78:1EtnrICSooGSTD5xbX022fjBxrj3
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-22_26e460032f2b6d66bfee473093015ae4_smoke-loader_wapomi.exe
Resource
win7-20241023-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
-
Target
2024-11-22_26e460032f2b6d66bfee473093015ae4_smoke-loader_wapomi
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-