bdaejec | bbddd9c524af0099a14653dc9fc4cbb1621f6eebe4fae7385e034884e45089a7 | Triage

Submit
Reports

Overview

overview

Static

static

3

DutchbotInject.exe

windows7-x64

DutchbotInject.exe

windows10-2004-x64

Sharing

General

Target

DutchbotInject.exe
Size

161KB
Sample

241212-11zwqs1kgl
MD5

6cb99c55f0d629d987a3e1cd838c251f
SHA1

fc4fb10db33c0072ef2fda75f03ca24133b2ab86
SHA256

bbddd9c524af0099a14653dc9fc4cbb1621f6eebe4fae7385e034884e45089a7
SHA512

ae721c475450ff1d0a13d637e932bfdf5d05916527caa437897bc6897ee1523e21ce3ad87ab632d93e5c191afe26421fac364e5d918c368efcbf074d7e975ea6
SSDEEP

1536:fRGCzQjSVxm+GCq2iW7zLNX5MdzNoBl4Lq:fRGWjPZGCHlX5kel4Lq

Score

10^/10

bdaejec aspackv2 backdoor discovery evasion execution

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

DutchbotInject.exe

Resource

win7-20240729-en

bdaejec aspackv2 backdoor discovery evasion execution

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

DutchbotInject.exe

Resource

win10v2004-20241007-en

bdaejec aspackv2 backdoor discovery evasion execution

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  DutchbotInject.exe
- Size
  
  161KB
- MD5
  
  6cb99c55f0d629d987a3e1cd838c251f
- SHA1
  
  fc4fb10db33c0072ef2fda75f03ca24133b2ab86
- SHA256
  
  bbddd9c524af0099a14653dc9fc4cbb1621f6eebe4fae7385e034884e45089a7
- SHA512
  
  ae721c475450ff1d0a13d637e932bfdf5d05916527caa437897bc6897ee1523e21ce3ad87ab632d93e5c191afe26421fac364e5d918c368efcbf074d7e975ea6
- SSDEEP
  
  1536:fRGCzQjSVxm+GCq2iW7zLNX5MdzNoBl4Lq:fRGWjPZGCHlX5kel4Lq
Score

10^/10

bdaejec aspackv2 backdoor discovery evasion execution
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- Stops running service(s)
  evasion execution
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

bdaejecaspackv2backdoordiscoveryevasionexecution

behavioral2

bdaejecaspackv2backdoordiscoveryevasionexecution

© 2018-2025

Terms | Privacy