Extracted

• • Target

    DutchbotInject.exe

  • Size

    161KB

  • MD5

    6cb99c55f0d629d987a3e1cd838c251f

  • SHA1

    fc4fb10db33c0072ef2fda75f03ca24133b2ab86

  • SHA256

    bbddd9c524af0099a14653dc9fc4cbb1621f6eebe4fae7385e034884e45089a7

  • SHA512

    ae721c475450ff1d0a13d637e932bfdf5d05916527caa437897bc6897ee1523e21ce3ad87ab632d93e5c191afe26421fac364e5d918c368efcbf074d7e975ea6

  • SSDEEP

    1536:fRGCzQjSVxm+GCq2iW7zLNX5MdzNoBl4Lq:fRGWjPZGCHlX5kel4Lq

  Score

  10^/10

  bdaejecaspackv2backdoordiscoveryevasionexecution

  • Bdaejec

    Bdaejec is a backdoor written in C++.

    backdoorbdaejec

  • Bdaejec family

    bdaejec

  • Detects Bdaejec Backdoor.

    Bdaejec is backdoor written in C++.

  • Stops running service(s)

    evasionexecution

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1