General
Target: 2024-12-21_d8a1b98eb4800d6fcdedf96a8351d10b_smoke-loader_wapomi
Size: 25KB
Sample: 241221-b4a94szler
MD5: d8a1b98eb4800d6fcdedf96a8351d10b
SHA1: f80c1dd61d37ff8ed96f85d74f4343b484c02561
SHA256: 0e2a0c87ab0621379ca9e380c5b2ae600e60f008e48d9a8a8451fb930e474bf3
SHA512: 12b6df2748d04f8686cdfa4766d3c330e3c8c5dd400a696908ab896972e559602bb86b6febd529e95deca0c730956daa6d275eef4a63f2b698e7abf34268ac06
SSDEEP: 384:P2R2sNBczLSsXZQaD7U8iu4YsAa7ZA0UvH2lsRv21yW7GbAxur6+Y9PffPz:Pdic6MQGPL4vzZq2o9W7GsxBbPr
Static task: static1
Behavioral task: behavioral1
Sample: 2024-12-21_d8a1b98eb4800d6fcdedf96a8351d10b_smoke-loader_wapomi.exe
Resource: win7-20240708-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
Target: 2024-12-21_d8a1b98eb4800d6fcdedf96a8351d10b_smoke-loader_wapomi
- Bdaejec family: Detects Bdaejec Backdoor. Bdaejec is a backdoor written in C++.
- Checks computer location settings: Looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL