bdaejec

General

Target

JaffaCakes118_60433a5ba519475e6faa1a4f7210bc20
Size

169KB
Sample

250101-x9ltpaspal
MD5

60433a5ba519475e6faa1a4f7210bc20
SHA1

0bafd67adf0969d28ef14d836b7c9e8219c93780
SHA256

ce435ba894f3737d0abe06180b9114e20d122240fded0685bd63db4a020a7a83
SHA512

7d1603ab400ba232c1968cd662af3a705e1313f8d912d52a2a30e40f1fb79bce34a18e98ef38837a936e847b5d8b4e738923d0af4572e7cf77011fd1326a861f
SSDEEP

1536:9I2t937an08bcn6kwOgKhlgvwf+l+OBDY4f2XdR7TPk3BfEBZWEzMNGCq2iW7z:tbadAn67Ogvl+qlKdR7TPk8XWEzQGCH

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  JaffaCakes118_60433a5ba519475e6faa1a4f7210bc20
- Size
  
  169KB
- MD5
  
  60433a5ba519475e6faa1a4f7210bc20
- SHA1
  
  0bafd67adf0969d28ef14d836b7c9e8219c93780
- SHA256
  
  ce435ba894f3737d0abe06180b9114e20d122240fded0685bd63db4a020a7a83
- SHA512
  
  7d1603ab400ba232c1968cd662af3a705e1313f8d912d52a2a30e40f1fb79bce34a18e98ef38837a936e847b5d8b4e738923d0af4572e7cf77011fd1326a861f
- SSDEEP
  
  1536:9I2t937an08bcn6kwOgKhlgvwf+l+OBDY4f2XdR7TPk3BfEBZWEzMNGCq2iW7z:tbadAn67Ogvl+qlKdR7TPk8XWEzQGCH
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2