General

  • Target

    JaffaCakes118_5a290a44d7c6f13c4b8621fd4f004600

  • Size

    423KB

  • Sample

    250101-sq9zyszlht

  • MD5

    5a290a44d7c6f13c4b8621fd4f004600

  • SHA1

    68a1bf8718ee967c3f9d81f6e1bad0a1700dfe93

  • SHA256

    c2e42a11ed043f3f90c531612dc4fe5fbd170f0e4152d4fcf278a3c841a69fde

  • SHA512

    640e3405c3c65e23c3921cac7fe6b7f75ece9126d0d13b6279e02bb64fe8f8e4454273c41488ae0e6926bd352b0c8b37f02eb44439568c2dc6d863fe5af920dc

  • SSDEEP

    12288:4bK1qiqvX6xlYwT76cdOfLsqTfrnmcfISVLrE:z13lxyS6uOTsq+j2f

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check before the payload runs.

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
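The "Checks computer location settings" signature above is a behavioural match on registry reads. The following is an added example, not the sandbox's own rule or code from the sample: detection logic that scans constructed API-trace lines for RegQueryValueEx reads of the registry values that expose the configured country or locale. The trace line format and the watch-list of registry locations (HKCU\Control Panel\International, its Geo subkey, and HKLM\SYSTEM\CurrentControlSet\Control\Nls\Language) are assumptions for the demo.

```python
"""
Added example: flag registry reads that reveal the machine's configured
country/locale, the behaviour behind a sandbox "checks computer location
settings" signature. Trace format and watch-list are assumptions.
"""
import re

# Registry locations that reveal the configured country/locale. This
# watch-list is an assumption for the example, not the sandbox's own rule.
LOCATION_KEYS = {
    r"HKEY_CURRENT_USER\Control Panel\International": {"scountry", "icountry", "localename"},
    r"HKEY_CURRENT_USER\Control Panel\International\Geo": {"nation", "name"},
    r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language": {"default", "installlanguage"},
}

# Assumed trace format: pid=<n> api=<name> key="<path>" [value="<name>"]
LINE_RE = re.compile(
    r'pid=(?P<pid>\d+)\s+api=(?P<api>\w+)\s+key="(?P<key>[^"]*)"'
    r'(?:\s+value="(?P<value>[^"]*)")?'
)

HIVE_ALIASES = {"HKCU": "HKEY_CURRENT_USER", "HKLM": "HKEY_LOCAL_MACHINE"}


def normalise_key(key: str) -> str:
    """Expand hive abbreviations and drop a trailing backslash so paths compare equal."""
    hive, sep, rest = key.rstrip("\\").partition("\\")
    hive = HIVE_ALIASES.get(hive.upper(), hive.upper())
    return hive + sep + rest


def find_location_lookups(lines):
    """Return (pid, key, value) for every RegQueryValueEx* read of a watched value."""
    watched = {k.lower(): v for k, v in LOCATION_KEYS.items()}
    hits = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m or not m.group("api").startswith("RegQueryValueEx"):
            continue
        key = normalise_key(m.group("key"))
        values = watched.get(key.lower())
        value = (m.group("value") or "").lower()   # value names are case-insensitive
        if values is not None and value in values:
            hits.append((int(m.group("pid")), key, m.group("value")))
    return hits


def summarise(hits):
    """Group hits per process: {pid: sorted list of value names read}."""
    out = {}
    for pid, _key, value in hits:
        out.setdefault(pid, set()).add(value)
    return {pid: sorted(vals) for pid, vals in out.items()}


# Constructed trace lines for the demo (not output from the sandbox).
TRACE = [
    'pid=2412 api=RegOpenKeyExW key="HKCU\\Control Panel\\International"',
    'pid=2412 api=RegQueryValueExW key="HKCU\\Control Panel\\International" value="sCountry"',
    'pid=2412 api=RegQueryValueExW key="HKCU\\Control Panel\\International\\Geo" value="Nation"',
    'pid=2412 api=RegQueryValueExW key="HKCU\\Control Panel\\International" value="sDecimal"',
    'pid=3100 api=RegQueryValueExW key="HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion" value="ProductName"',
]

if __name__ == "__main__":
    for pid, vals in summarise(find_location_lookups(TRACE)).items():
        print(f"pid {pid} read location settings: {', '.join(vals)}")
```

Only the two reads of sCountry and Nation by pid 2412 are reported; sDecimal under the same key and the unrelated ProductName read are ignored. A registry-only rule has a blind spot worth noting: a sample that calls GetUserGeoID or GetLocaleInfoEx obtains the same information through the Win32 API, so pair this with hooks on those calls.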
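For the "Writes to the Master Boot Record (MBR)" signature, the check a responder wants after detonation is whether the first sector's bootstrap code still matches a known-good baseline. The following is an added example, not code from the report or the sample: it parses a 512-byte MBR (440 bytes of boot code, disk signature, four partition entries, 0x55AA boot signature), hashes the boot code, and compares it against a baseline hash. The sector bytes are constructed for the demo, and the baseline hash is derived from that constructed clean sector.

```python
"""
Added example: parse a 512-byte MBR and compare its boot code against a
known-good baseline to flag an MBR overwrite. Sector contents are constructed.
"""
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bytes 0..439: bootstrap code executed by the BIOS
DISK_SIG_OFF = 440       # 4-byte disk signature, then 2 reserved bytes
PART_TABLE_OFF = 446     # four 16-byte partition entries
BOOT_SIG_OFF = 510       # 0x55 0xAA


def parse_mbr(sector: bytes) -> dict:
    """Split a raw sector into boot code hash, disk signature and partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    parts = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        # entry: status, CHS start (3), type, CHS end (3), LBA start, sector count
        status, ptype, lba_start, sectors = struct.unpack_from("<B3xB3xII", sector, off)
        if ptype != 0:
            parts.append({"bootable": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFF)[0],
        "partitions": parts,
        "valid_signature": sector[BOOT_SIG_OFF:] == b"\x55\xaa",
    }


def check_mbr(sector: bytes, baseline_boot_code_sha256: str) -> list:
    """Return findings; an empty list means the sector matches the baseline."""
    info = parse_mbr(sector)
    findings = []
    if not info["valid_signature"]:
        findings.append("boot signature 0x55AA missing: sector will not boot")
    if info["boot_code_sha256"] != baseline_boot_code_sha256:
        findings.append("boot code differs from baseline: possible bootkit overwrite")
    active = [p for p in info["partitions"] if p["bootable"]]
    if len(active) != 1:
        findings.append(f"expected one active partition, found {len(active)}")
    return findings


def build_demo_mbr(boot_code: bytes) -> bytes:
    """Constructed sector for the demo: given boot code, one active NTFS partition."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<I", sector, DISK_SIG_OFF, 0xDEADBEEF)
    # entry 0: active, type 0x07 (NTFS), starts at LBA 2048, 1,000,000 sectors
    struct.pack_into("<B3xB3xII", sector, PART_TABLE_OFF, 0x80, 0x07, 2048, 1_000_000)
    sector[BOOT_SIG_OFF:] = b"\x55\xaa"
    return bytes(sector)


# Constructed "clean" boot code (a placeholder prologue, not a real loader) and
# a baseline hash taken from it; in practice the baseline comes from a golden image.
CLEAN_BOOT_CODE = b"\x33\xc0\x8e\xd0\xbc\x00\x7c" + b"\x90" * 100
CLEAN_MBR = build_demo_mbr(CLEAN_BOOT_CODE)
BASELINE_SHA256 = hashlib.sha256(CLEAN_MBR[:BOOT_CODE_LEN]).hexdigest()

# Constructed "infected" sector: bootstrap code replaced, partition table untouched,
# which is exactly the case a partition-table-only check would miss.
INFECTED_MBR = build_demo_mbr(b"\xeb\xfe" + b"\xcc" * 200)

if __name__ == "__main__":
    print("clean:", check_mbr(CLEAN_MBR, BASELINE_SHA256))
    print("infected:", check_mbr(INFECTED_MBR, BASELINE_SHA256))
```

To run this against a real disk, read the first 512 bytes of `\\.\PhysicalDrive0` (Windows, elevated) or `/dev/sda` (Linux) and pass them to `check_mbr` with the baseline hash from a known-clean image. Comparing the boot code rather than the whole sector matters: the disk signature and partition table legitimately differ between machines, while the bootstrap code is what a bootkit replaces.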

MITRE ATT&CK Enterprise v15