General

  • Target

    a0febeb2c8d9c5e4cd81005560b6ccd4e4b40b09175c8b5d921d317e2ad229d8.exe

  • Size

    103KB

  • Sample

    241203-qzmvnstkaq

  • MD5

    03818b303ece1b6565c056e1a707edb3

  • SHA1

    448ea68d0bd2a39bf79234b8a12cb0483ff32231

  • SHA256

    a0febeb2c8d9c5e4cd81005560b6ccd4e4b40b09175c8b5d921d317e2ad229d8

  • SHA512

    f0ab16c381187e766b9b0b2868265929952f00df190bf72377b8f207a929caac53cd9df2c65883a13485fe7178a441ed59b057333a293a3be889bac0f63b1ae8

  • SSDEEP

    1536:ButZMKW/pJ4IOPkibTKzOUblUjYbgKbddYInG+cFfHYToWEGCq2iW7za:B2MLuSyMt79G+ufHYTo7GCH2

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      a0febeb2c8d9c5e4cd81005560b6ccd4e4b40b09175c8b5d921d317e2ad229d8.exe

    • Size

      103KB

    • MD5

      03818b303ece1b6565c056e1a707edb3

    • SHA1

      448ea68d0bd2a39bf79234b8a12cb0483ff32231

    • SHA256

      a0febeb2c8d9c5e4cd81005560b6ccd4e4b40b09175c8b5d921d317e2ad229d8

    • SHA512

      f0ab16c381187e766b9b0b2868265929952f00df190bf72377b8f207a929caac53cd9df2c65883a13485fe7178a441ed59b057333a293a3be889bac0f63b1ae8

    • SSDEEP

      1536:ButZMKW/pJ4IOPkibTKzOUblUjYbgKbddYInG+cFfHYToWEGCq2iW7za:B2MLuSyMt79G+ufHYTo7GCH2

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks