bdaejec | 4b27879fd8ec98d3de9c84efb01ae3a6bcef0ba1bc9a7238d7279e9b2a9ff553 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

4b27879fd8...3N.exe

windows10-2004-x64

Sharing

General

Target

4b27879fd8ec98d3de9c84efb01ae3a6bcef0ba1bc9a7238d7279e9b2a9ff553N.exe
Size

91KB
Sample

241230-zf3apaxpbn
MD5

c9fcda4385f7ce27f2d1373d8271bb10
SHA1

72fcc97bb3501b026050adcc356862c1021a4a80
SHA256

4b27879fd8ec98d3de9c84efb01ae3a6bcef0ba1bc9a7238d7279e9b2a9ff553
SHA512

bea0e9c96620f5add256efc2e51e83b42efb5f5073c5a2af344028aa4f21c9164426958c4d7c195bac7a864f133b2f82867828fef4662890efe94df0d9fdd5f2
SSDEEP

1536:jiq1GxAg85me0rfAJMsa2tjdMF4O7WV2XmatGCq2iW7z:jiqExAf5me0rfAJMsa2hyRWV2vtGCH

Score

10^/10

bdaejec aspackv2 backdoor discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4b27879fd8ec98d3de9c84efb01ae3a6bcef0ba1bc9a7238d7279e9b2a9ff553N.exe

Resource

win10v2004-20241007-en

bdaejec aspackv2 backdoor discovery

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  4b27879fd8ec98d3de9c84efb01ae3a6bcef0ba1bc9a7238d7279e9b2a9ff553N.exe
- Size
  
  91KB
- MD5
  
  c9fcda4385f7ce27f2d1373d8271bb10
- SHA1
  
  72fcc97bb3501b026050adcc356862c1021a4a80
- SHA256
  
  4b27879fd8ec98d3de9c84efb01ae3a6bcef0ba1bc9a7238d7279e9b2a9ff553
- SHA512
  
  bea0e9c96620f5add256efc2e51e83b42efb5f5073c5a2af344028aa4f21c9164426958c4d7c195bac7a864f133b2f82867828fef4662890efe94df0d9fdd5f2
- SSDEEP
  
  1536:jiq1GxAg85me0rfAJMsa2tjdMF4O7WV2XmatGCq2iW7z:jiqExAf5me0rfAJMsa2hyRWV2vtGCH
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bdaejecaspackv2backdoordiscovery

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.