bdaejec

General

Target

17f78df5972d9f719721a9e343ce461278eb37c4d0dd7f2f6cada69b87816efe
Size

14.7MB
Sample

241128-te53asxrbk
MD5

d929a8e2bade05e552a29727ea698ac8
SHA1

5e7fd19d831c54d49378513ebdac6ffa1f1563f5
SHA256

17f78df5972d9f719721a9e343ce461278eb37c4d0dd7f2f6cada69b87816efe
SHA512

0dd2bd3de895141eea9f628408f527f42a8717244ecf5ba2a410c592dfe808959abaa9ea4fe72a8a030f36d03b407ceb70e490a06e8c9fd39e02ade37b714587
SSDEEP

393216:5p96g9zORGIq8KaNddDe0fpzma+0gSKgnEnj:HotsIqsNLe6pVgSKgEj

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  17f78df5972d9f719721a9e343ce461278eb37c4d0dd7f2f6cada69b87816efe
- Size
  
  14.7MB
- MD5
  
  d929a8e2bade05e552a29727ea698ac8
- SHA1
  
  5e7fd19d831c54d49378513ebdac6ffa1f1563f5
- SHA256
  
  17f78df5972d9f719721a9e343ce461278eb37c4d0dd7f2f6cada69b87816efe
- SHA512
  
  0dd2bd3de895141eea9f628408f527f42a8717244ecf5ba2a410c592dfe808959abaa9ea4fe72a8a030f36d03b407ceb70e490a06e8c9fd39e02ade37b714587
- SSDEEP
  
  393216:5p96g9zORGIq8KaNddDe0fpzma+0gSKgnEnj:HotsIqsNLe6pVgSKgEj
Score

10^/10

bdaejec aspackv2 backdoor discovery vmprotect
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

VMProtect packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2