General
- Target: 2024-11-26_241736094d93be5ab6046a101b52b377_smoke-loader_wapomi
- Size: 1.1MB
- Sample: 241126-pndxys1lg1
- MD5: 241736094d93be5ab6046a101b52b377
- SHA1: ff55fe5341990cbb3c66167ac10a5de3d45bf45e
- SHA256: 876f604a03c78085fa9643a0b04695cd21c5e1ef93cab02aae602e8717548152
- SHA512: 82903ba0b77c2a0166ad42615d24a08ebfff596519c526f1f7fa0281254ea695c0e71e2b136702bfaa95fc93d0fbd762e8cd6ae2251224472c7f806df4a2c23c
- SSDEEP: 12288:ZqOPajQUXXP8QvLWFx6Mo5rippDC7ee1hpls4Ey+:ZnajQEPnvg6PhWDC750
Static task: static1
Behavioral task: behavioral1
- Sample: 2024-11-26_241736094d93be5ab6046a101b52b377_smoke-loader_wapomi.exe
- Resource: win7-20240708-en
Malware Config
Extracted
- bdaejec
- ddos.dnsnb8.net
Targets
- Target: 2024-11-26_241736094d93be5ab6046a101b52b377_smoke-loader_wapomi
- Size: 1.1MB
- MD5: 241736094d93be5ab6046a101b52b377
- SHA1: ff55fe5341990cbb3c66167ac10a5de3d45bf45e
- SHA256: 876f604a03c78085fa9643a0b04695cd21c5e1ef93cab02aae602e8717548152
- SHA512: 82903ba0b77c2a0166ad42615d24a08ebfff596519c526f1f7fa0281254ea695c0e71e2b136702bfaa95fc93d0fbd762e8cd6ae2251224472c7f806df4a2c23c
- SSDEEP: 12288:ZqOPajQUXXP8QvLWFx6Mo5rippDC7ee1hpls4Ey+:ZnajQEPnvg6PhWDC750
- Bdaejec family
- Detects Bdaejec Backdoor. Bdaejec is a backdoor written in C++.
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
- Executes dropped EXE
- Loads dropped DLL