General

  • Target

    2024-11-26_241736094d93be5ab6046a101b52b377_smoke-loader_wapomi

  • Size

    1.1MB

  • Sample

    241126-pndxys1lg1

  • MD5

    241736094d93be5ab6046a101b52b377

  • SHA1

    ff55fe5341990cbb3c66167ac10a5de3d45bf45e

  • SHA256

    876f604a03c78085fa9643a0b04695cd21c5e1ef93cab02aae602e8717548152

  • SHA512

    82903ba0b77c2a0166ad42615d24a08ebfff596519c526f1f7fa0281254ea695c0e71e2b136702bfaa95fc93d0fbd762e8cd6ae2251224472c7f806df4a2c23c

  • SSDEEP

    12288:ZqOPajQUXXP8QvLWFx6Mo5rippDC7ee1hpls4Ey+:ZnajQEPnvg6PhWDC750

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      2024-11-26_241736094d93be5ab6046a101b52b377_smoke-loader_wapomi

    • Size

      1.1MB

    • MD5

      241736094d93be5ab6046a101b52b377

    • SHA1

      ff55fe5341990cbb3c66167ac10a5de3d45bf45e

    • SHA256

      876f604a03c78085fa9643a0b04695cd21c5e1ef93cab02aae602e8717548152

    • SHA512

      82903ba0b77c2a0166ad42615d24a08ebfff596519c526f1f7fa0281254ea695c0e71e2b136702bfaa95fc93d0fbd762e8cd6ae2251224472c7f806df4a2c23c

    • SSDEEP

      12288:ZqOPajQUXXP8QvLWFx6Mo5rippDC7ee1hpls4Ey+:ZnajQEPnvg6PhWDC750

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks