General

  • Target

    dac718a55abbcd77194d44114a02e419bc18642f66b77061baf08fd062c8d21eN.exe

  • Size

    96KB

  • Sample

    241218-nt8h3sxlgx

  • MD5

    eb742670a57f837aa07b4926df729570

  • SHA1

    3da5787bc788212e00d3eafa72343b86c6661e64

  • SHA256

    dac718a55abbcd77194d44114a02e419bc18642f66b77061baf08fd062c8d21e

  • SHA512

    27111badf888ed787366f4daadbc6e3b28f07347221bd7f364d1ac1dca1dc09819a9dfdf5a921a15cb363d38357959110bdda759d9fb80b6ccf6764485800ff7

  • SSDEEP

    1536:pECLKU4+dwC/p0cQ7ZCAINqPDHuXnvE0oK1yyGCq2iW7z:pJLrp0cQ7QAINqPDHQncKGCH

Malware Config

Extracted

  • Family

    bdaejec

  • C2

    ddos.dnsnb8.net

Targets

    • Target

      dac718a55abbcd77194d44114a02e419bc18642f66b77061baf08fd062c8d21eN.exe

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks