General
-
Target
2024-11-28_514e519aab7c71690605a06e44e85b6c_smoke-loader_wapomi
-
Size
905KB
-
Sample
241128-qn1x6ayncw
-
MD5
514e519aab7c71690605a06e44e85b6c
-
SHA1
dbd04617925c05b11f177a6b706c90e056ce9b8a
-
SHA256
a7debc7e3e3c5882d62d232c17b8d75a7b7ebf321d58c471a51bb6e336a4972c
-
SHA512
12ea1692c504a845be10cc32d76fefb6a90678a85f98e93f585ec58581bb5071889588fd5b447b54fd9bdfb6fa2cd76a5a8e96397bcd4ab7180fdb71b2348aee
-
SSDEEP
24576:SitjqesDHoeKdfRDltk4suznX4fHo5rt46h:wfDHQprzXAHoX4
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-28_514e519aab7c71690605a06e44e85b6c_smoke-loader_wapomi.exe
Resource
win7-20241010-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
-
Target
2024-11-28_514e519aab7c71690605a06e44e85b6c_smoke-loader_wapomi
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-