bdaejec

General

Target

2024-12-10_597166a13904a1e9660cafca28cc7c26_karagany_mafia_wapomi
Size

120KB
Sample

241210-ybd7mawjdw
MD5

597166a13904a1e9660cafca28cc7c26
SHA1

ccdb0d1cba601137cda8fdea9c2b20831206982d
SHA256

f7ea5f308bd5bd5de4b49ea2ed8a9dfdb75e3c269b5d59eac98b982568aee296
SHA512

b97316d7944d7087a6032992a6177d9c8708943686f66c1caacaff8d66b0d3a3069ed67a95519ffb2799895c8cb2ca7ba1cafaedc7c94cb5b0e87ce80c7d6720
SSDEEP

3072:FOzAt7oScwptXd1PS7U4j4XuKnwE6GCH:FP7ZtXTateu3EL

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  2024-12-10_597166a13904a1e9660cafca28cc7c26_karagany_mafia_wapomi
- Size
  
  120KB
- MD5
  
  597166a13904a1e9660cafca28cc7c26
- SHA1
  
  ccdb0d1cba601137cda8fdea9c2b20831206982d
- SHA256
  
  f7ea5f308bd5bd5de4b49ea2ed8a9dfdb75e3c269b5d59eac98b982568aee296
- SHA512
  
  b97316d7944d7087a6032992a6177d9c8708943686f66c1caacaff8d66b0d3a3069ed67a95519ffb2799895c8cb2ca7ba1cafaedc7c94cb5b0e87ce80c7d6720
- SSDEEP
  
  3072:FOzAt7oScwptXd1PS7U4j4XuKnwE6GCH:FP7ZtXTateu3EL
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2