General
-
Target
2024-11-29_ee52dd2cf3e9526945e7002a0390fbac_smoke-loader_wapomi
-
Size
1.2MB
-
Sample
241129-jjkl2sypbl
-
MD5
ee52dd2cf3e9526945e7002a0390fbac
-
SHA1
4646a34190cfaeaaa95106f9fa00130c765ba24f
-
SHA256
8d82194b7f0a0d8e4d693aaf4362e4c4ae49dc0e4abb36dfc88001bad18f1793
-
SHA512
570fa637c6367e9aeeb05f56c07c6b85464123e32b23b6d5591893a1fd9844f87177ef46f95f8919608d4011dd31d29bfc727d43c8a0aff4cabb2be0516a8bf1
-
SSDEEP
24576:07GO7dtrjrICw9XuXo7beSTdt5xbX02uvfTXfBxrj3d5E/jKQvVj4YpdjYY0td78:1EtnrICSooGSTD5xbX022fjBxrj3
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-29_ee52dd2cf3e9526945e7002a0390fbac_smoke-loader_wapomi.exe
Resource
win7-20240903-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-