Extracted

• • Target

    JaffaCakes118_68b0b12f2c11a69b328dd5daccb2b630

  • Size

    51KB

  • MD5

    68b0b12f2c11a69b328dd5daccb2b630

  • SHA1

    2ebc156bb93847d3ba00233b06b560046e1d1617

  • SHA256

    de1d475296a20b5b797576dfeb9f5b9936d5b0ca757c27637a63cec022d38e6f

  • SHA512

    4c23ccf54e5a4cce1a2d177432eaf58e44a0c9a97b47405650769752defafd04cece4670a303be7e7787209f1dc07b5ab7db89e7aef7ceebee69eb5ce17d7076

  • SSDEEP

    768:2aVccV3nL7FsbsrSCrtOtS6Y8cXB41VjsTaXx4ln3GahaU5YOFgzum64WDG9xzbz:2aVf3smSCZOtS6YhX0JlahaqYN1WDG

  Score

  10^/10

  bdaejecaspackv2backdoordiscoveryupx

  • Bdaejec

    Bdaejec is a backdoor written in C++.

    backdoorbdaejec

  • Bdaejec family

    bdaejec

  • Detects Bdaejec Backdoor.

    Bdaejec is backdoor written in C++.

  • Detected Nirsoft tools

    Free utilities often used by attackers which can steal passwords, product keys, etc.

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2