General
-
Target
2024-11-25_3678b6fac035fcc1f705c291a9039c58_smoke-loader_wapomi
-
Size
35KB
-
Sample
241125-e1zebatrbn
-
MD5
3678b6fac035fcc1f705c291a9039c58
-
SHA1
925a09039de5d0006daf64cbacb798d285f91445
-
SHA256
dd23b91802db436df659ce628cd7ac36e1b5240b55f711f69c595c4b7d537e41
-
SHA512
00ee093f46e49d7709a9a1dddc5f8e6b1d782832355bb8946382a2208fc9f5c9a6563670d947d71e0d21a4949a9ff66bd17f68484377b0c6f71ec30fa25b1be7
-
SSDEEP
768:3wv4s7UUpOvj8u4Mf4MMRt4Mtj6QGPL4vzZq2o9W7GsxBbPr:3wvvoqO4uP87t5GCq2iW7z
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-25_3678b6fac035fcc1f705c291a9039c58_smoke-loader_wapomi.exe
Resource
win7-20241023-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
-
Target
2024-11-25_3678b6fac035fcc1f705c291a9039c58_smoke-loader_wapomi
-
Size
35KB
-
MD5
3678b6fac035fcc1f705c291a9039c58
-
SHA1
925a09039de5d0006daf64cbacb798d285f91445
-
SHA256
dd23b91802db436df659ce628cd7ac36e1b5240b55f711f69c595c4b7d537e41
-
SHA512
00ee093f46e49d7709a9a1dddc5f8e6b1d782832355bb8946382a2208fc9f5c9a6563670d947d71e0d21a4949a9ff66bd17f68484377b0c6f71ec30fa25b1be7
-
SSDEEP
768:3wv4s7UUpOvj8u4Mf4MMRt4Mtj6QGPL4vzZq2o9W7GsxBbPr:3wvvoqO4uP87t5GCq2iW7z
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is backdoor written in C++.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-