General

  • Target

    2024-11-27_d7c50ced528feffdeeaeae2bea3a794e_smoke-loader_wapomi

  • Size

    78KB

  • Sample

    241127-x888laxjdw

  • MD5

    d7c50ced528feffdeeaeae2bea3a794e

  • SHA1

    6a94585deccf962905ff250dc98041eaae4419d1

  • SHA256

    707936f318e6fe6451dbdb4b0cad30c18d96d519e46c0182a4b29ee48c77d786

  • SHA512

    dfa5d113075804dd4ea1e098a7d3c7a25ee4b5e7d4c6e6a288f04d9262d05e5d1042939a5c6de10760b99ee66f8877cf4cf19b7ba7382309a8d91cd4c444b469

  • SSDEEP

    1536:X4Uw62baSYSBPcPeMjXM7QybzGCq2iW7z:IUkbaTjX8Q4GCH

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      2024-11-27_d7c50ced528feffdeeaeae2bea3a794e_smoke-loader_wapomi

    • Size

      78KB

    • MD5

      d7c50ced528feffdeeaeae2bea3a794e

    • SHA1

      6a94585deccf962905ff250dc98041eaae4419d1

    • SHA256

      707936f318e6fe6451dbdb4b0cad30c18d96d519e46c0182a4b29ee48c77d786

    • SHA512

      dfa5d113075804dd4ea1e098a7d3c7a25ee4b5e7d4c6e6a288f04d9262d05e5d1042939a5c6de10760b99ee66f8877cf4cf19b7ba7382309a8d91cd4c444b469

    • SSDEEP

      1536:X4Uw62baSYSBPcPeMjXM7QybzGCq2iW7z:IUkbaTjX8Q4GCH

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks