Overview

overview

10

Static

static

3

OASIS AIO TOOL.rar

windows7-x64

1

OASIS AIO TOOL.rar

windows10-2004-x64

1

AdbWinApi.dll

windows7-x64

3

AdbWinApi.dll

windows10-2004-x64

3

OASIS AIO ...pi.dll

windows7-x64

3

OASIS AIO ...pi.dll

windows10-2004-x64

3

OASIS AIO ...OL.exe

windows7-x64

4

OASIS AIO ...OL.exe

windows10-2004-x64

4

OASIS AIO ...db.exe

windows7-x64

10

OASIS AIO ...db.exe

windows10-2004-x64

10

SHREDDER AIO TOOL.exe

windows7-x64

4

SHREDDER AIO TOOL.exe

windows10-2004-x64

4

adb.exe

windows7-x64

3

adb.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    OASIS AIO TOOL.rar

  • Size

    39.7MB

  • Sample

    241215-xfhvyavlcj

  • MD5

    68e6410384b2f21bdda4b0dfe8671c37

  • SHA1

    de87be74f853cc0d27c25a67ccb8ec631f512fbc

  • SHA256

    2912ebfc163c970d25a666d2723682bfbf8e2a202867b12dc0fec6afa531497e

  • SHA512

    400cfd7cb915bebe25034bd88823885277b8d54675209c1a5879a650380caa0b58bea6af251b280b7f24fbb2ab2c6606ac9f6ea4c04dd08442f3fb90439556d6

  • SSDEEP

    786432:FSOqUL8WjI6USKtIpVaCBDSOqULgmmW/n0ICrgpD8b:+ALPKWJaav0Ioga

Score
10/10
bdaejecaspackv2backdoordiscovery

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      OASIS AIO TOOL.rar

    • Size

      39.7MB

    • MD5

      68e6410384b2f21bdda4b0dfe8671c37

    • SHA1

      de87be74f853cc0d27c25a67ccb8ec631f512fbc

    • SHA256

      2912ebfc163c970d25a666d2723682bfbf8e2a202867b12dc0fec6afa531497e

    • SHA512

      400cfd7cb915bebe25034bd88823885277b8d54675209c1a5879a650380caa0b58bea6af251b280b7f24fbb2ab2c6606ac9f6ea4c04dd08442f3fb90439556d6

    • SSDEEP

      786432:FSOqUL8WjI6USKtIpVaCBDSOqULgmmW/n0ICrgpD8b:+ALPKWJaav0Ioga

    Score
    1/10
    behavioral1behavioral2

    • Target

      AdbWinApi.dll

    • Size

      108KB

    • MD5

      0c9fe1d2b6adf8bced775447a4f19545

    • SHA1

      54c50cc56f5e8a9bb89055d3336295a9d0df9e12

    • SHA256

      16ab72834348dd981bc4f18d6c0e1d55e7e6d94d620323b82ea6872c147adacf

    • SHA512

      f13316a0b978ed53076f95c9bdae7eb63e33d0123ecdc1486afef3105c79be0d0889830997609189a85281f38a8b3cf2e7a8f7251cc36558457182c8f9750dfb

    • SSDEEP

      1536:TLpCxybY0FS6MqS6WvgD9xj03TabrFvY5J6sCGt8xed3Ufm:/po0k6ZWVTaif6sCGiS9

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      OASIS AIO TOOL/AdbWinApi.dll

    • Size

      108KB

    • MD5

      0c9fe1d2b6adf8bced775447a4f19545

    • SHA1

      54c50cc56f5e8a9bb89055d3336295a9d0df9e12

    • SHA256

      16ab72834348dd981bc4f18d6c0e1d55e7e6d94d620323b82ea6872c147adacf

    • SHA512

      f13316a0b978ed53076f95c9bdae7eb63e33d0123ecdc1486afef3105c79be0d0889830997609189a85281f38a8b3cf2e7a8f7251cc36558457182c8f9750dfb

    • SSDEEP

      1536:TLpCxybY0FS6MqS6WvgD9xj03TabrFvY5J6sCGt8xed3Ufm:/po0k6ZWVTaif6sCGiS9

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      OASIS AIO TOOL/SHREDDER AIO TOOL.exe

    • Size

      19.8MB

    • MD5

      e0cf0457dac4e4acbdb265640c310270

    • SHA1

      06bc3b50f8b74537f41e8f0401af339a125ded12

    • SHA256

      3ca75f1ed33faeb3816c489498e8aa81d3180ab241378c5fbf42e66fadd0bfa0

    • SHA512

      cd3e46ff692dddbd1538745328d07a6c777a82af5bdbb3685bfc203755028e011671bd7655480e6e871a6e174ec582eb47ee00cd5c1da81e1b58a07f0a29c7f9

    • SSDEEP

      393216:6J5iiX1Wk0Hhnbzsv3e7sCdFVAXMSnKmA6a20fchaHUR:EllB0ZsvO7sCvg3a20fcBR

    Score
    4/10
    behavioral7behavioral8

    • Target

      OASIS AIO TOOL/adb.exe

    • Size

      816KB

    • MD5

      b16c4b8a4215ad7c9c012c7e9375af3e

    • SHA1

      b4d67ed6ecf5af7b487c59770cb7ec9f12e6760c

    • SHA256

      14ab5941dbc67eda143b082c80318e3606ba54d964267c1175ce728cce885a31

    • SHA512

      43a6b0477342460fa3cf0517a925eb7e160b0c2f63a6be19d4d4cf0f7f693aed0838e8ab4906f9fea33a9083d4dce6dd59f9c578b9774838ae93b50d96ded95f

    • SSDEEP

      12288:+5KIVNAIOlVvllPhcjpGsv6cViTIlZThJCmG11RuMYRO2fJpUGpdmTfFnIY:+5KYALlvlPyjpGo6cMTI7bqYaTfFnIY

    Score
    10/10
    bdaejecaspackv2backdoordiscovery

    • Bdaejec

      Bdaejec is a backdoor written in C++.

      backdoorbdaejec

    • Bdaejec family

      bdaejec

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral10behavioral9

    • Target

      SHREDDER AIO TOOL.exe

    • Size

      19.8MB

    • MD5

      e0cf0457dac4e4acbdb265640c310270

    • SHA1

      06bc3b50f8b74537f41e8f0401af339a125ded12

    • SHA256

      3ca75f1ed33faeb3816c489498e8aa81d3180ab241378c5fbf42e66fadd0bfa0

    • SHA512

      cd3e46ff692dddbd1538745328d07a6c777a82af5bdbb3685bfc203755028e011671bd7655480e6e871a6e174ec582eb47ee00cd5c1da81e1b58a07f0a29c7f9

    • SSDEEP

      393216:6J5iiX1Wk0Hhnbzsv3e7sCdFVAXMSnKmA6a20fchaHUR:EllB0ZsvO7sCvg3a20fcBR

    Score
    4/10
    behavioral11behavioral12

    • Target

      adb.exe

    • Size

      800KB

    • MD5

      a4c00558488ebbbf952a873e1c6a65ae

    • SHA1

      76a94af369a364fbc7fc8983a41a2763ec20bb40

    • SHA256

      bba820b278ced0b9c9bcde334fe5bb825e4110f0a390c936425b186b973eeedc

    • SHA512

      9abe617df5d0d87500a0fd9ffc3b1bc13ede908c36409a6d3f41e1d12ff585a1e50adcc85de372fb6925a40da6975c24e105a3d5b3b99d5ae420a90c57a5c88d

    • SSDEEP

      12288:j5KIVNAIOlVvllPhcjpGsv6cViTIlZThJCmG11RuMYRO2fJpUGpdmTfFnIY:j5KYALlvlPyjpGo6cMTI7bqYaTfFnIY

    Score
    3/10
    discovery
    behavioral13behavioral14

MITRE ATT&CK Enterprise v15

Tasks