bdaejec | 55674c75630907c55ad91d1d1b85eaec7afabf8125c77057986da85eeb04083f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

2025-01-02...mi.exe

windows7-x64

2025-01-02...mi.exe

windows10-2004-x64

Sharing

General

Target

2025-01-02_c00bf083f050fb5d35b97bceb47f242e_wannacry_wapomi
Size

3.6MB
Sample

250102-2edbaayjbs
MD5

c00bf083f050fb5d35b97bceb47f242e
SHA1

4685e6d474c6576ea40514ab922514319031fb5c
SHA256

55674c75630907c55ad91d1d1b85eaec7afabf8125c77057986da85eeb04083f
SHA512

9911c5084c3872707f77be315d9a011c01645ad90d7b8061c869f165ef727a6573c798c958934c833214ae6618468c06552224da882042e218d6e3b1abc71f38
SSDEEP

98304:iDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:iDqPe1Cxcxk3ZAEUadzR8yc4H

Score

10^/10

bdaejec aspackv2 backdoor discovery evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2025-01-02_c00bf083f050fb5d35b97bceb47f242e_wannacry_wapomi.exe

Resource

win7-20240903-en

bdaejec aspackv2 backdoor discovery

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-01-02_c00bf083f050fb5d35b97bceb47f242e_wannacry_wapomi.exe

Resource

win10v2004-20241007-en

bdaejec aspackv2 backdoor discovery evasion

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  2025-01-02_c00bf083f050fb5d35b97bceb47f242e_wannacry_wapomi
- Size
  
  3.6MB
- MD5
  
  c00bf083f050fb5d35b97bceb47f242e
- SHA1
  
  4685e6d474c6576ea40514ab922514319031fb5c
- SHA256
  
  55674c75630907c55ad91d1d1b85eaec7afabf8125c77057986da85eeb04083f
- SHA512
  
  9911c5084c3872707f77be315d9a011c01645ad90d7b8061c869f165ef727a6573c798c958934c833214ae6618468c06552224da882042e218d6e3b1abc71f38
- SSDEEP
  
  98304:iDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:iDqPe1Cxcxk3ZAEUadzR8yc4H
Score

10^/10

bdaejec aspackv2 backdoor discovery evasion
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bdaejecaspackv2backdoordiscovery

behavioral2

bdaejecaspackv2backdoordiscoveryevasion

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.