General
Target: 6a82815962b65df6b1398b835c440045f1428a98e5722409e9d8fa579a109b6bN.exe
Size: 6.1MB
Sample: 241220-fp27ha1mhn
MD5: 6b5dab403abbdf2933b711a7c06850e0
SHA1: 2492667d1ddb24cba1d43afbeba9fe29ee6bafe9
SHA256: 6a82815962b65df6b1398b835c440045f1428a98e5722409e9d8fa579a109b6b
SHA512: babc372e53b2d29c52a6b48a168f74e7d11eea89b7d952a3b7228afa60c9acab19f324a10169a57fa7d412f940fd91dd6acacb7546a426fa7b56250d6691116b
SSDEEP: 196608:s19+YadwOKGOiOe5BoXzsePpRjyO0sTd+kg7:s1AYsQGj5AzsgR04S
Static task: static1
Behavioral task: behavioral1
Sample: 6a82815962b65df6b1398b835c440045f1428a98e5722409e9d8fa579a109b6bN.exe
Resource: win7-20240903-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
Target
6a82815962b65df6b1398b835c440045f1428a98e5722409e9d8fa579a109b6bN.exe
Bdaejec family

Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Suspicious use of NtSetInformationThreadHideFromDebugger