General

  • Target

    2024-11-22_26e460032f2b6d66bfee473093015ae4_smoke-loader_wapomi

  • Size

    1.2MB

  • Sample

    241122-njlxbswjbr

  • MD5

    26e460032f2b6d66bfee473093015ae4

  • SHA1

    83e6c4e5a82457c1efcbe36f61881637c98c4e7c

  • SHA256

    0d87579d3f433b358a354ffb9fa1fc4276c63f4ffbd4ea9b7375519619435478

  • SHA512

    63b7653c7bcd77863e4550f6ad33fb0cdfefbc92c03712fc690f145f24052763caebae95941fdd81146648a0298f97295091492ae27a48a4301ac18072afe96a

  • SSDEEP

    24576:07GO7dtrjrICw9XuXo7beSTdt5xbX02uvfTXfBxrj3d5E/jKQvVj4YpdjYY0td78:1EtnrICSooGSTD5xbX022fjBxrj3

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      2024-11-22_26e460032f2b6d66bfee473093015ae4_smoke-loader_wapomi

    • Size

      1.2MB

    • MD5

      26e460032f2b6d66bfee473093015ae4

    • SHA1

      83e6c4e5a82457c1efcbe36f61881637c98c4e7c

    • SHA256

      0d87579d3f433b358a354ffb9fa1fc4276c63f4ffbd4ea9b7375519619435478

    • SHA512

      63b7653c7bcd77863e4550f6ad33fb0cdfefbc92c03712fc690f145f24052763caebae95941fdd81146648a0298f97295091492ae27a48a4301ac18072afe96a

    • SSDEEP

      24576:07GO7dtrjrICw9XuXo7beSTdt5xbX02uvfTXfBxrj3d5E/jKQvVj4YpdjYY0td78:1EtnrICSooGSTD5xbX022fjBxrj3

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks