General

  • Target

    bea7a3002ca4fa4f15d91993abb2f309_JaffaCakes118

  • Size

    26KB

  • Sample

    241203-w3dztsxnd1

  • MD5

    bea7a3002ca4fa4f15d91993abb2f309

  • SHA1

    a1683bed848e648a821a515e5f0e1a75b1a7d557

  • SHA256

    e419009aa85bfb1289f50a6ff91522b8c0c3d41eb9c16596089ae7cca36fad03

  • SHA512

    94570ec7a982eeec88ae6cf32cc11abd5a61f74add058af8cba89038421f476bf8c3568f336e6ed4279152365c0fc19d92fd5afb2a1062f77686ae7fc44408fb

  • SSDEEP

    768:qd5u7mNGtyVf7AsQGPL4vzZq2o9W7GsxBbPr:qd5z/fcvGCq2iW7z

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      bea7a3002ca4fa4f15d91993abb2f309_JaffaCakes118

    • Size

      26KB

    • MD5

      bea7a3002ca4fa4f15d91993abb2f309

    • SHA1

      a1683bed848e648a821a515e5f0e1a75b1a7d557

    • SHA256

      e419009aa85bfb1289f50a6ff91522b8c0c3d41eb9c16596089ae7cca36fad03

    • SHA512

      94570ec7a982eeec88ae6cf32cc11abd5a61f74add058af8cba89038421f476bf8c3568f336e6ed4279152365c0fc19d92fd5afb2a1062f77686ae7fc44408fb

    • SSDEEP

      768:qd5u7mNGtyVf7AsQGPL4vzZq2o9W7GsxBbPr:qd5z/fcvGCq2iW7z

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks