General
- Target: 2024-11-24_43b201729678800539cb685d9b601ea0_smoke-loader_wapomi
- Size: 125KB
- Sample: 241124-aqrt9s1jel
- MD5: 43b201729678800539cb685d9b601ea0
- SHA1: 390e8f15540fec40b37d0af1c5b259c5a30f3b70
- SHA256: 6c7f2af6b0e4a4282ad2db2a1303e37e3707334e5d9a5b30c9bc5be14a39758e
- SHA512: 5d115db22692751b74eba30096f00a78f0b14d641a94752917ccf141e5a928bf64b4fc9f96aa6fce13db23a84843d7a48c0855c0b160e9068170f43a81e472f5
- SSDEEP: 3072:IH451OJpM1uOcIbqaORUF0/+8v51AwGoG94dF/GCH:x4pM1uLIbCKFq++RGT4dFu
Behavioral task: behavioral1
- Sample: 2024-11-24_43b201729678800539cb685d9b601ea0_smoke-loader_wapomi.exe
- Resource: win7-20240903-en

Malware Config
- Extracted: bdaejec
- ddos.dnsnb8.net
Targets
- Target: 2024-11-24_43b201729678800539cb685d9b601ea0_smoke-loader_wapomi
- Size: 125KB
- MD5: 43b201729678800539cb685d9b601ea0
- SHA1: 390e8f15540fec40b37d0af1c5b259c5a30f3b70
- SHA256: 6c7f2af6b0e4a4282ad2db2a1303e37e3707334e5d9a5b30c9bc5be14a39758e
- SHA512: 5d115db22692751b74eba30096f00a78f0b14d641a94752917ccf141e5a928bf64b4fc9f96aa6fce13db23a84843d7a48c0855c0b160e9068170f43a81e472f5
- SSDEEP: 3072:IH451OJpM1uOcIbqaORUF0/+8v51AwGoG94dF/GCH:x4pM1uLIbCKFq++RGT4dFu
- Bdaejec family: Detects Bdaejec Backdoor. Bdaejec is a backdoor written in C++.
- Checks computer location settings: Looks up the country code configured in the registry, likely a geofence check.
- Executes dropped EXE
- Loads dropped DLL