General

  • Target

    9d4ae8249e8432290b5e7d4b88fa6c29fc822ae97052870b0d8ad2c5a22edccfN.exe

  • Size

    96KB

  • Sample

    241216-qk7xas1nb1

  • MD5

    e164bcb3d5ee22a3a947da9d881e8d20

  • SHA1

    3d8792fd21e283484bc4d18a56ed2d771b824b3e

  • SHA256

    9d4ae8249e8432290b5e7d4b88fa6c29fc822ae97052870b0d8ad2c5a22edccf

  • SHA512

    5cfd9a9f5595e0c0fccf076bbef43ea040715f0abe87bf4cdff4263191a70868b59bf72151ab26584eba5d5a9ca3973818795fc31ab6bf2e0569511f2e2a3582

  • SSDEEP

    1536:MqPjvlpp/06w6Px9+3cu9V+gKFnGCq2iW7z:MqPL1/7w6ZAs+VBKBGCH

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      9d4ae8249e8432290b5e7d4b88fa6c29fc822ae97052870b0d8ad2c5a22edccfN.exe

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check that gates execution on the victim's locale.

    • Executes dropped EXE

    • Loads dropped DLL
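The file hashes and the extracted C2 domain are the indicators a responder can act on from this report. The Python below is an added example, not part of the sandbox report: it verifies a local file against the four published digests and scans DNS query logs for the C2 domain, matching subdomains as well as trailing-dot and upper-case forms. The log line format and the log lines themselves are constructed for the demonstration and are not from the report.

```python
"""Triage helpers for this report's indicators: hash verification and
DNS-log hunting for the extracted C2 domain. Added example; the log
format and log lines are constructed, not taken from the sandbox."""
import hashlib

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "e164bcb3d5ee22a3a947da9d881e8d20",
    "sha1": "3d8792fd21e283484bc4d18a56ed2d771b824b3e",
    "sha256": "9d4ae8249e8432290b5e7d4b88fa6c29fc822ae97052870b0d8ad2c5a22edccf",
    "sha512": "5cfd9a9f5595e0c0fccf076bbef43ea040715f0abe87bf4cdff4263191a70868"
              "b59bf72151ab26584eba5d5a9ca3973818795fc31ab6bf2e0569511f2e2a3582",
}
C2_DOMAINS = {"ddos.dnsnb8.net"}


def compute_hashes(data: bytes) -> dict:
    """Lower-case hex digests of `data`, keyed like REPORT_HASHES."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def verify_hashes(data: bytes, expected: dict) -> dict:
    """Compare every algorithm in `expected` against `data`.
    Returns {algo: (expected, actual)} for mismatches; empty dict = match.
    Hex is case-normalised so an upper-case copy from a report still matches."""
    actual = compute_hashes(data)
    return {
        algo: (expected[algo].lower(), actual[algo])
        for algo in expected
        if expected[algo].lower() != actual[algo]
    }


def hash_file(path: str) -> dict:
    """Stream a file through all four digests in one pass (large samples)."""
    hashers = {algo: hashlib.new(algo) for algo in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


# Constructed DNS query-log lines (assumed layout: timestamp, client IP,
# queried name, record type). The lookalike on the fourth line must NOT match.
SAMPLE_DNS_LOG = """\
2024-12-16T10:01:02Z 10.0.0.15 www.example.com A
2024-12-16T10:01:05Z 10.0.0.23 DDOS.DNSNB8.NET. A
2024-12-16T10:01:09Z 10.0.0.23 ddos.dnsnb8.net AAAA
2024-12-16T10:01:11Z 10.0.0.42 ddos.dnsnb8.net.evil-lookalike.example A
2024-12-16T10:02:00Z 10.0.0.15 update.ddos.dnsnb8.net A
"""


def matches_c2(qname: str, c2_domains):
    """Return the matching C2 domain if `qname` is it or a subdomain of it.
    Strips the trailing dot and lower-cases so FQDN/upper-case forms match;
    the '.' + dom suffix test rejects lookalikes that merely contain the name."""
    name = qname.rstrip(".").lower()
    for dom in c2_domains:
        if name == dom or name.endswith("." + dom):
            return dom
    return None


def find_c2_hits(log_text: str, c2_domains=C2_DOMAINS) -> list:
    """Every log line whose queried name resolves to a C2 domain, as
    (timestamp, client, normalised_qname, matched_domain) tuples."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue  # skip blank or malformed lines rather than crash mid-hunt
        ts, client, qname, _qtype = parts[:4]
        dom = matches_c2(qname, c2_domains)
        if dom:
            hits.append((ts, client, qname.rstrip(".").lower(), dom))
    return hits


def hosts_contacting_c2(log_text: str, c2_domains=C2_DOMAINS) -> list:
    """Sorted, de-duplicated list of client IPs that queried a C2 domain."""
    return sorted({hit[1] for hit in find_c2_hits(log_text, c2_domains)})


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:  # usage: python triage.py <sample.exe>
        bad = verify_hashes(open(sys.argv[1], "rb").read(), REPORT_HASHES)
        print("hash match" if not bad else "MISMATCH: %s" % sorted(bad))
    for hit in find_c2_hits(SAMPLE_DNS_LOG):
        print("C2 lookup:", hit)
    print("hosts to isolate:", hosts_contacting_c2(SAMPLE_DNS_LOG))
```

Matching on the whole label boundary (`name == dom` or `name.endswith("." + dom)`) is deliberate: a plain substring check would fire on the lookalike line and would also miss nothing real, but the suffix test keeps the hunt free of false positives when the C2 name appears inside an unrelated label.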

MITRE ATT&CK Enterprise v15

Tasks