General
-
Target
bea7a3002ca4fa4f15d91993abb2f309_JaffaCakes118
-
Size
26KB
-
Sample
241203-w3dztsxnd1
-
MD5
bea7a3002ca4fa4f15d91993abb2f309
-
SHA1
a1683bed848e648a821a515e5f0e1a75b1a7d557
-
SHA256
e419009aa85bfb1289f50a6ff91522b8c0c3d41eb9c16596089ae7cca36fad03
-
SHA512
94570ec7a982eeec88ae6cf32cc11abd5a61f74add058af8cba89038421f476bf8c3568f336e6ed4279152365c0fc19d92fd5afb2a1062f77686ae7fc44408fb
-
SSDEEP
768:qd5u7mNGtyVf7AsQGPL4vzZq2o9W7GsxBbPr:qd5z/fcvGCq2iW7z
Static task
static1
Behavioral task
behavioral1
Sample
bea7a3002ca4fa4f15d91993abb2f309_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
-
Target
bea7a3002ca4fa4f15d91993abb2f309_JaffaCakes118
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-