General
-
Target
2024-11-23_4c8acb9d98b24b727031d7ce55157c76_smoke-loader_wapomi
-
Size
1.1MB
-
Sample
241123-rygspssqfp
-
MD5
4c8acb9d98b24b727031d7ce55157c76
-
SHA1
90439d0ef38869f59b6193ed098282ac9e08b626
-
SHA256
35814d815080011392f0abf62bb6b1a5164a176c06f76e00119448498b7f8546
-
SHA512
8d705c4c25ecaf7af00cb5fe20d6d2aa28e4d90b540503964dae89164a7bb339a343d31e61009d642ba043ed4b88b0c5f8d80dffcb188200c42da5140fc30733
-
SSDEEP
12288:ZqOPajQUXXP8QvLWFx6Mo5rippDC7ee1hpls4Ey+:ZnajQEPnvg6PhWDC750
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-23_4c8acb9d98b24b727031d7ce55157c76_smoke-loader_wapomi.exe
Resource
win7-20240903-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely a geofence check.
-
Executes dropped EXE
-
Loads dropped DLL
-