General

  • Target

    2024-12-19_9bb001947e87fc7879f63de7b60ec076_smoke-loader_wapomi

  • Size

    717KB

  • Sample

    241219-as4lvazkeq

  • MD5

    9bb001947e87fc7879f63de7b60ec076

  • SHA1

    d6fd5ee88c4cf2dc2e46df82ed9283d95a5565ff

  • SHA256

    086a7bd72c369b57f2d99e9c4cd02aff2f34957e05a6e23aa6e473464e1bcec4

  • SHA512

    a4cadc77962ccd8c6de4da4fb59a1543d766944bbb691445a942a510b5ca2007cf87e1eda9f36ad966313c582c9fd4b5fa382587a24891930185ca40d744c5c7

  • SSDEEP

    12288:MHFxvB5sByc3OR1egDoY1RE/t03kLa7wNuMkoH8ajKUE3P3QeUAqskrVK8O92L18:MlxEByc3yoY1RbULaDUhK8h1LUQFE5N/

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      2024-12-19_9bb001947e87fc7879f63de7b60ec076_smoke-loader_wapomi

    • Size

      717KB

    • MD5

      9bb001947e87fc7879f63de7b60ec076

    • SHA1

      d6fd5ee88c4cf2dc2e46df82ed9283d95a5565ff

    • SHA256

      086a7bd72c369b57f2d99e9c4cd02aff2f34957e05a6e23aa6e473464e1bcec4

    • SHA512

      a4cadc77962ccd8c6de4da4fb59a1543d766944bbb691445a942a510b5ca2007cf87e1eda9f36ad966313c582c9fd4b5fa382587a24891930185ca40d744c5c7

    • SSDEEP

      12288:MHFxvB5sByc3OR1egDoY1RE/t03kLa7wNuMkoH8ajKUE3P3QeUAqskrVK8O92L18:MlxEByc3yoY1RbULaDUhK8h1LUQFE5N/

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
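The "ASPack v2.12-2.42" hit above is a packer detection; the sandbox matches it on the packer stub, but a first-pass triage can already flag an ASPack-packed PE from its section table, because ASPack appends sections named ".aspack" (the unpacking stub, where the entry point lands) and ".adata". The following added example is not part of this report and not the sandbox's own rule: it is a minimal PE32 header parser that reads the section table and the entry-point RVA and reports whether the layout looks ASPack-packed. The two inputs are constructed header-only images built by the helper `build_pe` (not real samples); `ASPACK_SECTION_NAMES` and the entry-point-in-stub heuristic are the assumptions it encodes. It is a heuristic, not a version-precise signature.

```python
import struct

# Section names ASPack appends to a packed PE (assumption this example encodes):
# the entry point normally lands inside ".aspack", the unpacking stub.
ASPACK_SECTION_NAMES = {".aspack", ".adata"}


def parse_pe_sections(data: bytes):
    """Return (entry_point_rva, [section dicts]) parsed from a PE image's headers."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    optional = coff + 20
    entry_rva = struct.unpack_from("<I", data, optional + 16)[0]  # AddressOfEntryPoint
    table = optional + size_of_optional
    sections = []
    for i in range(num_sections):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "vaddr": vaddr,
            "vsize": vsize,
            "rawsize": rawsize,
            "rawptr": rawptr,
        })
    return entry_rva, sections


def aspack_indicators(data: bytes) -> dict:
    """Flag ASPack-style layout: packer section names present and entry point inside them."""
    entry_rva, sections = parse_pe_sections(data)
    names = [s["name"] for s in sections]
    packer_sections = sorted(n for n in names if n in ASPACK_SECTION_NAMES)
    entry_section = None
    for s in sections:
        span = max(s["vsize"], s["rawsize"])
        if s["vaddr"] <= entry_rva < s["vaddr"] + span:
            entry_section = s["name"]
            break
    return {
        "sections": names,
        "packer_sections": packer_sections,
        "entry_section": entry_section,
        "likely_aspack": bool(packer_sections) and entry_section in ASPACK_SECTION_NAMES,
    }


def build_pe(section_layout, entry_rva: int) -> bytes:
    """Construct a minimal header-only PE32 image for testing (constructed, not real malware).

    section_layout: list of (name, virtual_address, virtual_size).
    """
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # COFF header: Machine, NumberOfSections, stamp, symtab ptr, nsyms, SizeOfOptionalHeader, flags
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_layout), 0, 0, 0, 224, 0x0102)
    # PE32 optional header: Magic, linker ver, code/data sizes, AddressOfEntryPoint, then padding
    optional = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, entry_rva)
    optional += b"\0" * (224 - len(optional))
    table = b""
    for name, vaddr, vsize in section_layout:
        table += struct.pack("<8sIIIIIIHHI", name.encode(), vsize, vaddr, vsize, 0, 0, 0, 0, 0, 0x60000020)
    return dos + b"PE\0\0" + coff + optional + table


# Constructed inputs: an ASPack-like layout and a plain compiler layout.
PACKED_SAMPLE = build_pe([(".text", 0x1000, 0x1000), (".aspack", 0x2000, 0x3000), (".adata", 0x5000, 0x1000)], 0x2400)
CLEAN_SAMPLE = build_pe([(".text", 0x1000, 0x1000), (".rdata", 0x2000, 0x1000), (".data", 0x3000, 0x1000)], 0x1100)

if __name__ == "__main__":
    for label, blob in (("packed", PACKED_SAMPLE), ("clean", CLEAN_SAMPLE)):
        print(label, aspack_indicators(blob))
```

Against a real file, read it with `open(path, "rb").read()` and pass the bytes to `aspack_indicators`; a positive here is a reason to unpack before static analysis, while a negative means only that the section names were not kept, since packers can be configured to rename them.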

MITRE ATT&CK Enterprise v15

Tasks