Extracted

• • Target

    2024-12-21_452229d1ce1b93d955e7c94405f8d3dd_smoke-loader_wapomi

  • Size

    335KB

  • MD5

    452229d1ce1b93d955e7c94405f8d3dd

  • SHA1

    436ae9004f9ebec26da30ae7efeaf807cdbb0d45

  • SHA256

    4539e736b893f92d4d240a4b9c07fce3fede4e499acab982c976fa35026dbb89

  • SHA512

    128098bf72a0e28ec112b5d39585a37c1c6d845013c957de4dfe4b2f9480675b75c148fba49674d217eff5e052decb1403ac23d7f0d1609eb9a466915a121b7e

  • SSDEEP

    6144:JljuGQohwwFwMDkf4ySkg1TCnh99nVPZPFtDwxJvV8F:njuGDhw2zkfMz9CnXFVPZLUG

  Score

  10^/10

  bdaejecaspackv2backdoordiscoveryspywarestealer

  • Bdaejec

    Bdaejec is a backdoor written in C++.

    backdoorbdaejec

  • Bdaejec family

    bdaejec

  • Detects Bdaejec Backdoor.

    Bdaejec is backdoor written in C++.

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  behavioral1behavioral2