General

  • Target

    ebba99d52b8573eccf4e566a381cb26a2892ccfb573313d55312a4fc42542431

  • Size

    148KB

  • Sample

    241217-ey932azqew

  • MD5

    0db37b52324039387df2794d0eed36c7

  • SHA1

    3d9ff3ffc8f55def2c1d64d3ebf18f06f7e2bf61

  • SHA256

    ebba99d52b8573eccf4e566a381cb26a2892ccfb573313d55312a4fc42542431

  • SHA512

    11c625c73c29215334047e67f1ab6e23c28180592f0d358f8d7bea80c84dfdc36e8cb7b2f82bf160c3fe5a9f0df05de1dcdf0de54b5a4902cea8e1e83d77bbbb

  • SSDEEP

    1536:6k1JCXf3l9izMfUBRq/YxiLvxnjXIRXMMGBkyJMjZROYJT3bQghxHCZT6GCq2iWv:6Nf3wRqQxKvxnsRcaCUGCH

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks