General

  • Target

    2024-12-29_9174158b042bc1f973ea3e08ae331ff4_smoke-loader_wapomi

  • Size

    24KB

  • Sample

    241229-eyvy4ssmex

  • MD5

    9174158b042bc1f973ea3e08ae331ff4

  • SHA1

    ac838ec21f0270638fc38ffcad8ebde87228a618

  • SHA256

    a7f80eca9acc257cd8e84cc443ce202d4350d226b2671902449281ffd93e98b4

  • SHA512

    11d531d30deae98b399caaef59bae6132ba6f297c96c7adb9dd3306ccc45105a65e7cb0ec55e7d0e160b272e7b9018249551d8a9ebbbc791ac70dba4567ef421

  • SSDEEP

    384:vVMEEDYM3MVAgrgQSriXZQaD7U8iu4YsAa7ZA0UvH2lsRv21yW7GbAxur6+Y9Pfj:vGE4YM32A4ar2QGPL4vzZq2o9W7GsxB3

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
