General

  • Target

    b063fee3ed8ead1eedfd5fb7c56041cb602fa22b5c12b0510a15b860768de83a

  • Size

    80KB

  • Sample

    241230-cqmawsvldq

  • MD5

    e9dfc81b4d5e62a76f479a6512816adc

  • SHA1

    d53bc309862178d5bc5409d2ba1246dba44f455a

  • SHA256

    b063fee3ed8ead1eedfd5fb7c56041cb602fa22b5c12b0510a15b860768de83a

  • SHA512

    e4ee2b417918e6281f6078cee48b19b27d774e236553af67b5c674d97b5d71275c0b496f8a4bc16097e8e13cad1cdb92bb0c31e598e02034a31893fbb8efa463

  • SSDEEP

    1536:2HB0UxMkzOt7HcvJGt5AdHIOWnToIf12ZpSGCq2iW7z:2hAWJGSCTBf12ZsGCH

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net
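The hashes and the extracted C2 host above are the indicators a responder actually pivots on. The following script is an added example (it is not part of the sandbox report and not the malware family's code) that checks a candidate file against all four listed digests at once, flagging the inconsistent case where only some of them match, and scans DNS query log lines for the C2 host or any subdomain of it. The log lines and the file contents hashed are constructed for the example; the hash values and the host name are taken from the report.

```python
import hashlib

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "e9dfc81b4d5e62a76f479a6512816adc",
    "sha1": "d53bc309862178d5bc5409d2ba1246dba44f455a",
    "sha256": "b063fee3ed8ead1eedfd5fb7c56041cb602fa22b5c12b0510a15b860768de83a",
    "sha512": "e4ee2b417918e6281f6078cee48b19b27d774e236553af67b5c674d97b5d71275"
              "c0b496f8a4bc16097e8e13cad1cdb92bb0c31e598e02034a31893fbb8efa463",
}
C2_HOST = "ddos.dnsnb8.net"


def digest_file_bytes(data: bytes) -> dict:
    """Return the four digests the report lists, as lowercase hex."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def match_sample(data: bytes, iocs: dict = REPORT_HASHES) -> dict:
    """Compare a file's digests against the report.

    A sane result is all listed digests matching or none matching. A partial
    match means the indicator list itself is wrong (typo, copied from a
    different sample) and should be investigated rather than trusted.
    """
    computed = digest_file_bytes(data)
    matched = {k for k, v in iocs.items() if computed.get(k, "") == v.lower()}
    return {
        "matched": sorted(matched),
        "is_sample": matched == set(iocs),
        "consistent": matched in (set(), set(iocs)),
    }


def hostname_matches(name: str, host: str = C2_HOST) -> bool:
    """True if name is the C2 host or a subdomain of it.

    Case and a trailing dot are ignored; a name that merely contains the C2
    host (e.g. ddos.dnsnb8.net.evil.example) does not match.
    """
    n = name.lower().rstrip(".")
    h = host.lower().rstrip(".")
    return n == h or n.endswith("." + h)


def find_c2_queries(log_lines, host: str = C2_HOST) -> list:
    """Return the DNS log lines whose queried name is the C2 host or a subdomain.

    Assumed (constructed) log format: one query per line, queried name as the
    last whitespace-separated field.
    """
    hits = []
    for line in log_lines:
        parts = line.split()
        if parts and hostname_matches(parts[-1], host):
            hits.append(line)
    return hits


# Constructed DNS log lines for the example; not taken from the sandbox run.
SAMPLE_DNS_LOG = [
    "2024-12-30T10:01:02Z 10.0.0.5 query A ddos.dnsnb8.net",
    "2024-12-30T10:01:03Z 10.0.0.5 query A www.example.com",
    "2024-12-30T10:01:04Z 10.0.0.7 query A DDOS.DNSNB8.NET.",
    "2024-12-30T10:01:05Z 10.0.0.7 query A ddos.dnsnb8.net.evil.example",
    "2024-12-30T10:01:06Z 10.0.0.9 query A c2.ddos.dnsnb8.net",
]


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    if path:
        with open(path, "rb") as f:
            print(match_sample(f.read()))
    for hit in find_c2_queries(SAMPLE_DNS_LOG):
        print("C2 lookup:", hit)
```

Run it with a file path to compare that file against the report's digests; the matcher deliberately compares all four so that a stale or mistyped indicator shows up as an inconsistent partial match instead of a silent false negative.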

Targets

    • Target

      b063fee3ed8ead1eedfd5fb7c56041cb602fa22b5c12b0510a15b860768de83a

    • Size

      80KB

    • MD5

      e9dfc81b4d5e62a76f479a6512816adc

    • SHA1

      d53bc309862178d5bc5409d2ba1246dba44f455a

    • SHA256

      b063fee3ed8ead1eedfd5fb7c56041cb602fa22b5c12b0510a15b860768de83a

    • SHA512

      e4ee2b417918e6281f6078cee48b19b27d774e236553af67b5c674d97b5d71275c0b496f8a4bc16097e8e13cad1cdb92bb0c31e598e02034a31893fbb8efa463

    • SSDEEP

      1536:2HB0UxMkzOt7HcvJGt5AdHIOWnToIf12ZpSGCq2iW7z:2hAWJGSCTBf12ZsGCH

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check so the payload only runs (or refuses to run) in certain countries.

    • Executes dropped EXE

    • Loads dropped DLL
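The ASPack signature above fires on the packer's code, which means the payload has to be unpacked before static analysis of the backdoor itself is meaningful. A cheap first-pass triage check that needs no signature database is to read the PE section table and look for the section names ASPack leaves behind. The script below is an added example, not the sandbox's signature and not code from the page; the section names `.aspack` and `.adata` are an assumption about how ASPack typically names its sections, so treat a hit as a hint to unpack, not as proof of the packer version. The PE blob built by `build_fake_pe` is constructed test input, not the sample.

```python
import struct

# Section names ASPack is commonly observed to add (assumption; a heuristic only).
ASPACK_SECTION_NAMES = {".aspack", ".adata"}


def pe_section_names(data: bytes) -> list:
    """Return the section names of a PE image, or [] if the headers do not parse.

    Reads only the fields needed to reach the section table (e_lfanew,
    NumberOfSections, SizeOfOptionalHeader) with bounds checks, so a
    truncated or hostile file yields [] instead of an exception.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    # PE signature (4) + COFF file header (20) must fit before we read them.
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_hdr_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_hdr_size
    names = []
    for i in range(num_sections):
        off = table + i * 40          # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break                     # truncated section table
        raw = data[off:off + 8]       # Name field: 8 bytes, NUL padded
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


def looks_aspack_packed(data: bytes) -> bool:
    """Heuristic: any ASPack-style section name present in the section table."""
    return any(n.lower() in ASPACK_SECTION_NAMES for n in pe_section_names(data))


def build_fake_pe(section_names) -> bytes:
    """Construct a minimal PE-shaped blob with the given section names.

    Constructed test input for exercising the parser; it is not a loadable
    executable. Layout: 0x40-byte DOS stub with e_lfanew=0x40, then the PE
    signature, a COFF header with SizeOfOptionalHeader=0, then the sections.
    """
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0)
    sections = b"".join(
        name.encode("ascii").ljust(8, b"\0") + b"\0" * 32 for name in section_names
    )
    return dos + b"PE\0\0" + coff + sections


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            blob = f.read()
        print("sections:", pe_section_names(blob))
        print("ASPack-style names present:", looks_aspack_packed(blob))
    else:
        demo = build_fake_pe([".text", ".aspack", ".adata"])
        print("constructed sample sections:", pe_section_names(demo))
```

Point it at a file to list its sections; a packed binary also tends to show a single large writable section with high entropy and a tiny import table, so the name check is best paired with those measurements before spending time on the sandbox's unpacked output.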

MITRE ATT&CK Enterprise v15

Tasks