bdaejec

General

Target

2024-12-25_0c6b18aa61f131c6fa0f551b97936936_icedid_smoke-loader_wapomi
Size

640KB
Sample

241225-y5pv8awmbs
MD5

0c6b18aa61f131c6fa0f551b97936936
SHA1

adb7ad2f7de18745cb0e87099292ed89294caf1d
SHA256

1cab3555f1b1d226fa4549b83395a0d3625a1d846372f793153429e6d578d31b
SHA512

c24eded4105e53dbf7c8fb6c1134e9c8ebc518e2bffe876cac3b0849b95ee72900c5bfc596d7f97749e141cc457e255e1b291ae34e65ee86877af75a99f8d3b9
SSDEEP

12288:hJUvxKcxpJ6HL3D0jwiZcaKqqnfrjSZYqWP8Eq7tbgVv09smaM:U3xQDdiZcaKZYkq7tbg9

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  2024-12-25_0c6b18aa61f131c6fa0f551b97936936_icedid_smoke-loader_wapomi
- Size
  
  640KB
- MD5
  
  0c6b18aa61f131c6fa0f551b97936936
- SHA1
  
  adb7ad2f7de18745cb0e87099292ed89294caf1d
- SHA256
  
  1cab3555f1b1d226fa4549b83395a0d3625a1d846372f793153429e6d578d31b
- SHA512
  
  c24eded4105e53dbf7c8fb6c1134e9c8ebc518e2bffe876cac3b0849b95ee72900c5bfc596d7f97749e141cc457e255e1b291ae34e65ee86877af75a99f8d3b9
- SSDEEP
  
  12288:hJUvxKcxpJ6HL3D0jwiZcaKqqnfrjSZYqWP8Eq7tbgVv09smaM:U3xQDdiZcaKZYkq7tbg9
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2