General
-
Target
2024-12-03_e98ed2c6b266cedf1ae2c3696d75e7b5_smoke-loader_wapomi
-
Size
102KB
-
Sample
241203-pnw4ja1jhl
-
MD5
e98ed2c6b266cedf1ae2c3696d75e7b5
-
SHA1
7db1f51d0a188d972b396c705e5a48c771894c1a
-
SHA256
71ccc15fd80fa65a81b0c8332efdbb76d00800aaa464f6c4a808085e8bc3c320
-
SHA512
59237752c6cb4b2bf6d55bebb89c71e8cba14f3469cffa6aabdebc183c1b1c976b3164bacaa7c7a69fbb9c12dee2084c2f66500d2f476f3aadab828c27b967c7
-
SSDEEP
3072:d/jHsRibJQFHXDT4dY6oNP7vx8lx3GCH:FRbuV4dYHNPbxqc
Static task
static1
Behavioral task
behavioral1
Sample
2024-12-03_e98ed2c6b266cedf1ae2c3696d75e7b5_smoke-loader_wapomi.exe
Resource
win7-20240903-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
Target
2024-12-03_e98ed2c6b266cedf1ae2c3696d75e7b5_smoke-loader_wapomi
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-