General
Target: 2024-11-29_549cebf7010f2eda9036c905d6a9ba19_smoke-loader_wapomi
Size: 203KB
Sample: 241129-b68y6atqdq
MD5: 549cebf7010f2eda9036c905d6a9ba19
SHA1: fd04070adab1ff97aa3fcf38424a4662f8c20d85
SHA256: 547c069760f8be2ec3b762a20f03bd7c913104c061804a29b31ee0d447c15ca1
SHA512: ac5f7404e2c7feae17b7480412b38c68a120e3c9ea54d22df85922434cb3f1f19471c4627ccc2f43e898719b8b2e441de2a8483c4adaf1ec8785a5a2ba23ef5d
SSDEEP: 3072:h1TlCN3DeL0dA/VkvpS6zpQDt0v2E6LGHxdOWTtDwqytR2TBf9AqqpUwIwGCH:/lGXd4OvDzewKLGHj0qTBlznBt
Static task: static1
Behavioral task: behavioral1
Sample: 2024-11-29_549cebf7010f2eda9036c905d6a9ba19_smoke-loader_wapomi.exe
Resource: win7-20240903-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-