bdaejec | 225ae7e559927f217d70a4773ee6d6a36638d407e6f15304e8cfb91a21e0074b | Triage

Submit
Reports

Overview

overview

Static

static

3

225ae7e559...bN.exe

windows7-x64

225ae7e559...bN.exe

windows10-2004-x64

Sharing

General

Target

225ae7e559927f217d70a4773ee6d6a36638d407e6f15304e8cfb91a21e0074bN.exe
Size

930KB
Sample

250102-fn8mwsvkdt
MD5

4ff422aaf92192acde1d014cc7fc8490
SHA1

c7a1d01c21bdb07143a59e591d481ffe26705ced
SHA256

225ae7e559927f217d70a4773ee6d6a36638d407e6f15304e8cfb91a21e0074b
SHA512

7c8dde9e265bb6ce2fd7f7211a988e3e744101ba50016d02814724aea125085639c7b2e49a3fdedd68a02293be4969bbd853d587b984cde3597104617bb95ed9
SSDEEP

12288:hr+/U0UAQ0QkiWNlyxRCugvijhCWTJUuD6q9RIHwjMj+F8ii6JqgkYUV+I7cKRg8:hqBUAPiWNA0vijQWquD2wjqIO6lnicK

Score

10^/10

bdaejec aspackv2 backdoor discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

225ae7e559927f217d70a4773ee6d6a36638d407e6f15304e8cfb91a21e0074bN.exe

Resource

win7-20240903-en

bdaejec aspackv2 backdoor discovery

windows7-x64

14 signatures

120 seconds

Behavioral task

behavioral2

Sample

225ae7e559927f217d70a4773ee6d6a36638d407e6f15304e8cfb91a21e0074bN.exe

Resource

win10v2004-20241007-en

bdaejec aspackv2 backdoor discovery

windows10-2004-x64

15 signatures

120 seconds

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  225ae7e559927f217d70a4773ee6d6a36638d407e6f15304e8cfb91a21e0074bN.exe
- Size
  
  930KB
- MD5
  
  4ff422aaf92192acde1d014cc7fc8490
- SHA1
  
  c7a1d01c21bdb07143a59e591d481ffe26705ced
- SHA256
  
  225ae7e559927f217d70a4773ee6d6a36638d407e6f15304e8cfb91a21e0074b
- SHA512
  
  7c8dde9e265bb6ce2fd7f7211a988e3e744101ba50016d02814724aea125085639c7b2e49a3fdedd68a02293be4969bbd853d587b984cde3597104617bb95ed9
- SSDEEP
  
  12288:hr+/U0UAQ0QkiWNlyxRCugvijhCWTJUuD6q9RIHwjMj+F8ii6JqgkYUV+I7cKRg8:hqBUAPiWNA0vijQWquD2wjqIO6lnicK
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bdaejecaspackv2backdoordiscovery

behavioral2

bdaejecaspackv2backdoordiscovery

© 2018-2025

Terms | Privacy