General

  • Target

    d2ebce3eac56904da145fe9008fa926235a2f0f8b2657d2bcfbffc5c1552de42

  • Size

    1.8MB

  • Sample

    241215-x84m4stqht

  • MD5

    7d1435ff14fecaf9aca62dca6905c7a4

  • SHA1

    17297f5b8e57affb08b1af28f9c356146da14a2d

  • SHA256

    d2ebce3eac56904da145fe9008fa926235a2f0f8b2657d2bcfbffc5c1552de42

  • SHA512

    09cdf66d9772f00d3d01b2254b7fbece712d9f8fba3c74ae6f3fd8d6b327b7ad6f90064235b25c9e6aa812f9b112e8063807af71103c67c0ad6037482bc27e72

  • SSDEEP

    49152:B9UAxBrFrrDgPSAJ/7E4UIlSRLOlvQzyr+jsx4ClwK2KjQd:f5AJ/7MyoLyH0sx4Clw7S2

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks