General

  • Target

    85d658401960001b68ac6f5f36a72b288082c162a0960caa17da5597dd7b8c7fN.exe

  • Size

    108KB

  • Sample

    241217-1mf7gazpbj

  • MD5

    d7ed9f779c7d7069a537a5d1e0eb1960

  • SHA1

    3da4c1ae14b8e875bd84c9045187da0efb5d251b

  • SHA256

    85d658401960001b68ac6f5f36a72b288082c162a0960caa17da5597dd7b8c7f

  • SHA512

    c3e08658df8c43d215b8d7b6b0dec38c9a5f220ef3333063ba705b9427dccd523d2e10eee561c0cc258e0e946aa197c67d7660a73c293c7cffccaadd1e449b19

  • SSDEEP

    1536:4k1JCXf3l9izMfUBRq/YxiLvxnjXIRXMMGBkyJMjZROYJT3bQghxHCZUhGCq2iWv:4Nf3wRqQxKvxnsRcaCqGCH

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      85d658401960001b68ac6f5f36a72b288082c162a0960caa17da5597dd7b8c7fN.exe

    • Size

      108KB

    • MD5

      d7ed9f779c7d7069a537a5d1e0eb1960

    • SHA1

      3da4c1ae14b8e875bd84c9045187da0efb5d251b

    • SHA256

      85d658401960001b68ac6f5f36a72b288082c162a0960caa17da5597dd7b8c7f

    • SHA512

      c3e08658df8c43d215b8d7b6b0dec38c9a5f220ef3333063ba705b9427dccd523d2e10eee561c0cc258e0e946aa197c67d7660a73c293c7cffccaadd1e449b19

    • SSDEEP

      1536:4k1JCXf3l9izMfUBRq/YxiLvxnjXIRXMMGBkyJMjZROYJT3bQghxHCZUhGCq2iWv:4Nf3wRqQxKvxnsRcaCqGCH

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks