bdaejec

General

Target

404fac854040dc353931499a4126f52c1800503ecade5a0dc79e726769306374
Size

313KB
Sample

241230-1nt5qasrds
MD5

2f879e96d834d51e2fc74710a551bca3
SHA1

7ce7d00b86aaab1dc7798b691b91eb8f67f9b7e3
SHA256

404fac854040dc353931499a4126f52c1800503ecade5a0dc79e726769306374
SHA512

521d2be4496996891464e10df1ec099de4309d4a2cd1016b14bd148dbe12516dc2e036d7c45603cd950867f472217fb08ac986c46387d63c085417e0b97c23ef
SSDEEP

6144:7qV54oUeSsMY3j0cI8rdYEylF2EHJ8Sj6vzHrh8wDVU3wMs9ZFWM:7qV5dU7oTWKYEEF5J87vzLh8aVJS

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  404fac854040dc353931499a4126f52c1800503ecade5a0dc79e726769306374
- Size
  
  313KB
- MD5
  
  2f879e96d834d51e2fc74710a551bca3
- SHA1
  
  7ce7d00b86aaab1dc7798b691b91eb8f67f9b7e3
- SHA256
  
  404fac854040dc353931499a4126f52c1800503ecade5a0dc79e726769306374
- SHA512
  
  521d2be4496996891464e10df1ec099de4309d4a2cd1016b14bd148dbe12516dc2e036d7c45603cd950867f472217fb08ac986c46387d63c085417e0b97c23ef
- SSDEEP
  
  6144:7qV54oUeSsMY3j0cI8rdYEylF2EHJ8Sj6vzHrh8wDVU3wMs9ZFWM:7qV5dU7oTWKYEEF5J87vzLh8aVJS
Score

10^/10

bdaejec aspackv2 backdoor discovery upx
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2