General
Target: 680bcd0edd2947879e510ac367d5883fc6683bb8a6913c95b99a94a4441a2167
Size: 2.7MB
Sample: 241123-nezydstndy
MD5: 32e14db7af2f7a7ff473562adab391dc
SHA1: 3edb02ed9dfb773bb410c20aa509bcdbe6ad34ca
SHA256: 680bcd0edd2947879e510ac367d5883fc6683bb8a6913c95b99a94a4441a2167
SHA512: bbc85f497995f7bebb782ad2c69dc2558a10dd6276cfc1c8b305707c8f8aa6c4eac327c706d7376219dc717f6c19c9dafaf6563b16bd41db529e12c21bb98162
SSDEEP: 49152:K5yaUm62qD9dDqnroHOrQhKTlh1d2HObA3:K5zA9cnsHIZhf2Hv
Static task: static1
Behavioral task: behavioral1
Sample: 680bcd0edd2947879e510ac367d5883fc6683bb8a6913c95b99a94a4441a2167.exe
Resource: win7-20241010-en
Malware Config
Extracted: bdaejec
ddos.dnsnb8.net
Targets
- Bdaejec family: Detects Bdaejec Backdoor. Bdaejec is a backdoor written in C++.
- Drops file in Drivers directory
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Credential Access
- Credentials from Password Stores (1)
- Credentials from Web Browsers (1)
- Unsecured Credentials (1)
- Credentials In Files (1)