General

  • Target

    755c799f08f718a96aa19d8901687ee6aaa7ede2d66b542e83f617e3f4aea171N.exe

  • Size

    108KB

  • Sample

    241216-pxk3ma1qan

  • MD5

    ff68b143be8737ad146c16543663d310

  • SHA1

    3d91c3d345fc84cb522c713d4c1c7c82d372a790

  • SHA256

    755c799f08f718a96aa19d8901687ee6aaa7ede2d66b542e83f617e3f4aea171

  • SHA512

    eb709abad309366bcce86a8caf95b7cfce687ef19163caad3695119d9811e514b6d5da0efecdab5c0e3c797dd85827bd20ae31b192cac94e94c2b8758b9d64d7

  • SSDEEP

    1536:4k1JCXf3l9izMfUBRq/YxiLvxnjXIRXMMGBkyJMjZROYJT3bQghxHCZ4sGCq2iWv:4Nf3wRqQxKvxnsRcaCLGCH

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      755c799f08f718a96aa19d8901687ee6aaa7ede2d66b542e83f617e3f4aea171N.exe

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check so the payload only runs (or refuses to run) in certain regions.

    • Executes dropped EXE

    • Loads dropped DLL
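The three signatures above (ASPack packing, the registry location lookup, and the extracted C2 host) can be re-checked outside the sandbox. The script below is an added example written for this page; it is not Hatching Triage's detection logic and not code from the sample. It assumes a few well-known facts that are not stated in the report: ASPack names its sections ".aspack" and ".adata", and Windows stores the configured location under "Control Panel\International\Geo\Nation" (with the locale and NLS language keys nearby). The sandbox event records and the miniature PE header it builds are constructed test data, not captured from this sample.

```python
"""Re-check the indicators from this Triage report (added example, not Triage code).

Two independent checks:
  1. a minimal PE section-table reader used for an ASPack section-name heuristic;
  2. a scan of sandbox-style events for location-registry reads and the C2 host.
"""
import struct

# Section names written by the ASPack packer (assumption: well-known, not from this report).
ASPACK_SECTION_NAMES = {b".aspack", b".adata"}

# Registry paths under which Windows keeps the configured location / locale.
# A read of any of these by an untrusted binary is what "Checks computer location
# settings" is about. Assumption: these keys, lower-cased, without the hive prefix.
LOCATION_KEYS = (
    r"control panel\international\geo\nation",
    r"control panel\international\locale",
    r"system\currentcontrolset\control\nls\language",
)

# C2 host taken from the extracted bdaejec config on this page.
C2_HOSTS = {"ddos.dnsnb8.net"}


def pe_section_names(data: bytes) -> list:
    """Return the raw section names of a PE image, or [] if the bytes are not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                                    # start of the COFF header
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size                           # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                               # each IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break                                          # truncated file: stop rather than crash
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def looks_aspack_packed(data: bytes) -> bool:
    """Heuristic: any ASPack-named section present. Does not identify the ASPack version."""
    return any(n.lower() in ASPACK_SECTION_NAMES for n in pe_section_names(data))


def triage_events(events: list) -> dict:
    """Flag location-registry reads and C2 contact in a list of {'type', 'value'} events."""
    hits = {"location_lookup": [], "c2_contact": []}
    for ev in events:
        value = ev["value"].lower()
        if ev["type"] == "registry_read" and any(k in value for k in LOCATION_KEYS):
            hits["location_lookup"].append(ev["value"])
        elif ev["type"] in ("dns", "connect") and value in C2_HOSTS:
            hits["c2_contact"].append(ev["value"])
    return hits


def build_fake_pe(section_names: list) -> bytes:
    """Build a minimal, non-runnable PE header with the given sections (constructed test input)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                # e_lfanew -> PE signature right after the DOS header
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader (0 here), Characteristics.
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(n.ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + sections


# Constructed sandbox-style events (not captured from the sample on this page).
SAMPLE_EVENTS = [
    {"type": "registry_read", "value": r"HKCU\Control Panel\International\Geo\Nation"},
    {"type": "registry_read", "value": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion"},
    {"type": "dns", "value": "ddos.dnsnb8.net"},
    {"type": "dns", "value": "time.windows.com"},
]

if __name__ == "__main__":
    print("packed:", looks_aspack_packed(build_fake_pe([b".text", b".aspack", b".adata"])))
    print("events:", triage_events(SAMPLE_EVENTS))
```

To apply the packer check to the real sample, read the file and pass its bytes to looks_aspack_packed; a section-name match is a strong hint but an unpacker (or a manual check of the entry point) is still needed to confirm the ASPack version the report names.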

MITRE ATT&CK Enterprise v15

Tasks