General

  • Target

    2024-11-29_ee52dd2cf3e9526945e7002a0390fbac_smoke-loader_wapomi

  • Size

    1.2MB

  • Sample

    241129-jjkl2sypbl

  • MD5

    ee52dd2cf3e9526945e7002a0390fbac

  • SHA1

    4646a34190cfaeaaa95106f9fa00130c765ba24f

  • SHA256

    8d82194b7f0a0d8e4d693aaf4362e4c4ae49dc0e4abb36dfc88001bad18f1793

  • SHA512

    570fa637c6367e9aeeb05f56c07c6b85464123e32b23b6d5591893a1fd9844f87177ef46f95f8919608d4011dd31d29bfc727d43c8a0aff4cabb2be0516a8bf1

  • SSDEEP

    24576:07GO7dtrjrICw9XuXo7beSTdt5xbX02uvfTXfBxrj3d5E/jKQvVj4YpdjYY0td78:1EtnrICSooGSTD5xbX022fjBxrj3

Malware Config

Extracted

  • Family

    bdaejec

  • C2

    ddos.dnsnb8.net

Targets

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks