bdaejec

General

Target

8fe8638fc0de6cc719a93d19c35becb82f06f1c1d00f09e3e9afb62f72b5a7a5.exe
Size

104KB
Sample

241231-fw8b4azjcx
MD5

0f3ea0f5dd4f63c920b1985ece3f7b4f
SHA1

a2b827719e963078f0bfe3648b83ea148851d96d
SHA256

8fe8638fc0de6cc719a93d19c35becb82f06f1c1d00f09e3e9afb62f72b5a7a5
SHA512

3fade54ae287a8e28ca44fcceb0372819668574df394a84a851801edae8f4ea080d4b47bb55bce33721528087d3dcc233256fa9cbb13edaf1b15bb88e3b0d520
SSDEEP

1536:DFEL0c3++wG5NlKOln9N7oKsMmuB2IMokC+0FfHYToSMygGCq2iW7zq:DFUxlnjmDXokC+GfHYToSMTGCHm

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  8fe8638fc0de6cc719a93d19c35becb82f06f1c1d00f09e3e9afb62f72b5a7a5.exe
- Size
  
  104KB
- MD5
  
  0f3ea0f5dd4f63c920b1985ece3f7b4f
- SHA1
  
  a2b827719e963078f0bfe3648b83ea148851d96d
- SHA256
  
  8fe8638fc0de6cc719a93d19c35becb82f06f1c1d00f09e3e9afb62f72b5a7a5
- SHA512
  
  3fade54ae287a8e28ca44fcceb0372819668574df394a84a851801edae8f4ea080d4b47bb55bce33721528087d3dcc233256fa9cbb13edaf1b15bb88e3b0d520
- SSDEEP
  
  1536:DFEL0c3++wG5NlKOln9N7oKsMmuB2IMokC+0FfHYToSMygGCq2iW7zq:DFUxlnjmDXokC+GfHYToSMTGCHm
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2