General
- Target: 2024-12-03_f30391b44be93301d9bcb89b09c18520_avoslocker_cobalt-strike_luca-stealer_wapomi
- Size: 164KB
- Sample: 241203-x9xaeswjfl
- MD5: f30391b44be93301d9bcb89b09c18520
- SHA1: 373000c560d4d0781552053daca75b8d4c3a769f
- SHA256: b23266990e11675fb002bc3b3794b728feffbd2bc74ab5661e59f044d752a443
- SHA512: bb454b691d08aab525666f02719fa3ac8f9e839beb179614536438e3968669e00616f4c5fa3d8da67a38ed642bd1d00c7ddaf76ca093694d8c5cd530b2b9d26e
- SSDEEP: 3072:h8nH9j2ziuvAaIBlCn24Rc4Yn0NJKckH2Fe7E29A/zdGt69heo4JLGCH:hyR2zi7ajvRcGLKZH2FaLw9hH4Jy
- Static task: static1
- Behavioral task: behavioral1
- Sample: 2024-12-03_f30391b44be93301d9bcb89b09c18520_avoslocker_cobalt-strike_luca-stealer_wapomi.exe
- Resource: win7-20240903-en
Malware Config
Extracted
- Family: bdaejec
- Host: ddos.dnsnb8.net
Targets
- Target: 2024-12-03_f30391b44be93301d9bcb89b09c18520_avoslocker_cobalt-strike_luca-stealer_wapomi
- Size: 164KB
- MD5: f30391b44be93301d9bcb89b09c18520
- SHA1: 373000c560d4d0781552053daca75b8d4c3a769f
- SHA256: b23266990e11675fb002bc3b3794b728feffbd2bc74ab5661e59f044d752a443
- SHA512: bb454b691d08aab525666f02719fa3ac8f9e839beb179614536438e3968669e00616f4c5fa3d8da67a38ed642bd1d00c7ddaf76ca093694d8c5cd530b2b9d26e
- SSDEEP: 3072:h8nH9j2ziuvAaIBlCn24Rc4Yn0NJKckH2Fe7E29A/zdGt69heo4JLGCH:hyR2zi7ajvRcGLKZH2FaLw9hH4Jy
Signatures
- Bdaejec family: Detects Bdaejec Backdoor. Bdaejec is a backdoor written in C++.
- Checks computer location settings: Looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL