General
-
Target
2024-12-19_9bb001947e87fc7879f63de7b60ec076_smoke-loader_wapomi
-
Size
717KB
-
Sample
241219-as4lvazkeq
-
MD5
9bb001947e87fc7879f63de7b60ec076
-
SHA1
d6fd5ee88c4cf2dc2e46df82ed9283d95a5565ff
-
SHA256
086a7bd72c369b57f2d99e9c4cd02aff2f34957e05a6e23aa6e473464e1bcec4
-
SHA512
a4cadc77962ccd8c6de4da4fb59a1543d766944bbb691445a942a510b5ca2007cf87e1eda9f36ad966313c582c9fd4b5fa382587a24891930185ca40d744c5c7
-
SSDEEP
12288:MHFxvB5sByc3OR1egDoY1RE/t03kLa7wNuMkoH8ajKUE3P3QeUAqskrVK8O92L18:MlxEByc3yoY1RbULaDUhK8h1LUQFE5N/
Static task
static1
Behavioral task
behavioral1
Sample
2024-12-19_9bb001947e87fc7879f63de7b60ec076_smoke-loader_wapomi.exe
Resource
win7-20240903-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
-
Target
2024-12-19_9bb001947e87fc7879f63de7b60ec076_smoke-loader_wapomi
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-