General

  • Target: JaffaCakes118_621abe7c5a8868e2726993a8c8862ce0

  • Size: 116KB

  • Sample: 250102-cx7v6s1kgn

  • MD5: 621abe7c5a8868e2726993a8c8862ce0

  • SHA1: 35f73213119b89a4029e46b10035959122a4f9bb

  • SHA256: 89a6505949540cbb58f7ea016e9eebcc38cbbfef513f9f862d7d2134324ca123

  • SHA512: 4bde9c45cfad26e7034d3210643f03662e702182c75301f6a632059cd6de55333f42d8d6aa587a4969335c338703c03ea82d8e9ebded44b49cd06c9872b26e6b

  • SSDEEP: 1536:/XeIl5drx0PnQHx1kQDukZgdE0or/ny4VUMtTDiGCq2iW7z:J1HMJE0aq4CMtTWGCH

Malware Config

Extracted

Family: bdaejec

C2: ddos.dnsnb8.net

Targets

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks