General
-
Target
2024-11-27_d7c50ced528feffdeeaeae2bea3a794e_smoke-loader_wapomi
-
Size
78KB
-
Sample
241127-x888laxjdw
-
MD5
d7c50ced528feffdeeaeae2bea3a794e
-
SHA1
6a94585deccf962905ff250dc98041eaae4419d1
-
SHA256
707936f318e6fe6451dbdb4b0cad30c18d96d519e46c0182a4b29ee48c77d786
-
SHA512
dfa5d113075804dd4ea1e098a7d3c7a25ee4b5e7d4c6e6a288f04d9262d05e5d1042939a5c6de10760b99ee66f8877cf4cf19b7ba7382309a8d91cd4c444b469
-
SSDEEP
1536:X4Uw62baSYSBPcPeMjXM7QybzGCq2iW7z:IUkbaTjX8Q4GCH
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-27_d7c50ced528feffdeeaeae2bea3a794e_smoke-loader_wapomi.exe
Resource
win7-20240903-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
-
Target
2024-11-27_d7c50ced528feffdeeaeae2bea3a794e_smoke-loader_wapomi
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-