General

  • Target

    JaffaCakes118_64ac756ae99eb21a7883d0e1b177aee0

  • Size

    842KB

  • Sample

    250102-ncc1vaslbp

  • MD5

    64ac756ae99eb21a7883d0e1b177aee0

  • SHA1

    0ac236915744319a88f2497010630a63542fa192

  • SHA256

    428d2b34a28bf672cfd60124fa1aa6aaf1ec0758002f6740b8732c2c637cf88a

  • SHA512

    ade263a37769167978b7c1a7a8adfde12d57fe1008e032aaf40d57278c5158f81d1b358032244ac07717d7c29eb5f2a50b098863ae5ef94496d519a810a2d8f0

  • SSDEEP

    12288:89QM1W4lbdag85peRKJ17aV6pWgzHrGhuvj/ZIW/fN9pz:sQMk4lbdatK61eoLz6QnHJ

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      JaffaCakes118_64ac756ae99eb21a7883d0e1b177aee0


    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.
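The ASPack and UPX signatures above both key on the PE section table. As an added illustration of how such packer checks work (this is example code, not the sandbox's own signature logic and not derived from the Bdaejec binary), the script below parses the section headers of a PE, flags the section names the stock packers write (UPX0/UPX1 for UPX, .aspack/.adata for ASPack), and adds a Shannon-entropy check so that a "modified UPX" build with scrubbed section names is still caught. The PE blobs it scans are constructed inline with a minimal header builder; the entropy threshold of 7.0 bits per byte is an assumed heuristic, not a value from the report.

```python
"""Packer heuristics on a PE section table.

Added example, not the sandbox's signature code. Input PEs are constructed
below; they carry no real code and are not the analysed sample.
"""
import math
import struct
from collections import Counter

# Section names written by the stock packers. Modified UPX builds often
# rename these, which is why entropy is used as a second, name-independent signal.
UPX_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
ASPACK_NAMES = {b".aspack", b".adata"}
ENTROPY_THRESHOLD = 7.0  # assumed heuristic: compressed/encrypted data scores ~7.5-8.0


def shannon_entropy(data: bytes) -> float:
    """Bits per byte of the buffer; 8.0 is the maximum (uniform byte distribution)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_sections(pe: bytes):
    """Return [(name, raw_bytes)] from the PE section table.

    Walks the MZ header (e_lfanew at 0x3C), the 'PE\\0\\0' signature, the COFF
    header (NumberOfSections at +2, SizeOfOptionalHeader at +16) and the
    40-byte section headers that follow the optional header.
    """
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + opt_size
    sections = []
    for i in range(num_sections):
        off = table + 40 * i
        name = pe[off:off + 8].rstrip(b"\0")
        raw_size, raw_ptr = struct.unpack_from("<II", pe, off + 16)  # SizeOfRawData, PointerToRawData
        sections.append((name, pe[raw_ptr:raw_ptr + raw_size]))
    return sections


def packer_verdicts(pe: bytes, threshold: float = ENTROPY_THRESHOLD) -> dict:
    """Name-based verdicts for UPX and ASPack plus an entropy verdict that
    survives renamed sections."""
    sections = parse_sections(pe)
    names = {name for name, _ in sections}
    return {
        "upx": bool(names & UPX_NAMES),
        "aspack": bool(names & ASPACK_NAMES),
        "high_entropy": any(shannon_entropy(d) >= threshold for _, d in sections if d),
    }


def build_pe(section_specs) -> bytes:
    """Construct a minimal, non-runnable PE with the given (name, data) sections.
    Only the fields parse_sections reads are populated; everything else is zero."""
    e_lfanew = 0x40
    opt_size = 0  # no optional header is needed to reach the section table
    hdr_end = e_lfanew + 4 + 20 + opt_size + 40 * len(section_specs)
    raw_off = (hdr_end + 0x1FF) & ~0x1FF  # 512-byte file alignment for raw data
    mz = bytearray(e_lfanew)
    mz[:2] = b"MZ"
    struct.pack_into("<I", mz, 0x3C, e_lfanew)
    coff = bytearray(20)
    struct.pack_into("<H", coff, 2, len(section_specs))
    struct.pack_into("<H", coff, 16, opt_size)
    table, body = bytearray(), bytearray()
    for name, data in section_specs:
        entry = bytearray(40)
        entry[:8] = name.ljust(8, b"\0")
        struct.pack_into("<II", entry, 16, len(data), raw_off + len(body))
        table += entry
        body += data
    headers = bytes(mz) + b"PE\0\0" + bytes(coff) + bytes(table)
    return headers.ljust(raw_off, b"\0") + bytes(body)


# Constructed section contents (not real code): a uniform byte blob standing in
# for compressed data (entropy 8.0) and a NOP sled standing in for plain code.
PACKED_BLOB = bytes(range(256)) * 4
PLAIN_CODE = b"\x90" * 256 + b"\xc3"

SAMPLE_UPX = build_pe([(b"UPX0", b""), (b"UPX1", PACKED_BLOB), (b".rsrc", PLAIN_CODE)])
SAMPLE_ASPACK = build_pe([(b".text", PACKED_BLOB), (b".aspack", PLAIN_CODE), (b".adata", b"")])
SAMPLE_RENAMED_UPX = build_pe([(b".text", PACKED_BLOB), (b".data", PLAIN_CODE)])
SAMPLE_CLEAN = build_pe([(b".text", PLAIN_CODE), (b".data", b"\0" * 64)])

if __name__ == "__main__":
    for label, pe in [("upx", SAMPLE_UPX), ("aspack", SAMPLE_ASPACK),
                      ("renamed-upx", SAMPLE_RENAMED_UPX), ("clean", SAMPLE_CLEAN)]:
        print(label, packer_verdicts(pe))
```

The renamed-UPX sample is the case the "modified UPX" wording in the signature refers to: the name check misses it and only the entropy check fires, so a triage script should treat high-entropy sections as a packer indicator in their own right rather than as confirmation of a name match.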

MITRE ATT&CK Enterprise v15

Tasks