bdaejec

General

Target

JaffaCakes118_6a4d9da58e77bfcc0a29c2005f6f4d10
Size

583KB
Sample

250103-fb44yasper
MD5

6a4d9da58e77bfcc0a29c2005f6f4d10
SHA1

0ac0130463faa523d1855fafa1ba6011159c00e2
SHA256

d9c82ca8aff109ea72072c57e3e03c5f8401c14d01ec4ae4cbcad35920ca9347
SHA512

12dc75c0f18efeeecd37245939bbcd852a804cb53ce038c0bd11e37666da89cb9703759188271ef1cdd2b6e40b20e189f8823378e1cebbcbe6fc76e544f90fc5
SSDEEP

12288:ZgCYxPVQ1KRLLIyDASbumfbKFsdrojwSzunLEjzaQ/K1V+qr:ZgCYQ1LGum4sx8Kofd/uV+w

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  JaffaCakes118_6a4d9da58e77bfcc0a29c2005f6f4d10
- Size
  
  583KB
- MD5
  
  6a4d9da58e77bfcc0a29c2005f6f4d10
- SHA1
  
  0ac0130463faa523d1855fafa1ba6011159c00e2
- SHA256
  
  d9c82ca8aff109ea72072c57e3e03c5f8401c14d01ec4ae4cbcad35920ca9347
- SHA512
  
  12dc75c0f18efeeecd37245939bbcd852a804cb53ce038c0bd11e37666da89cb9703759188271ef1cdd2b6e40b20e189f8823378e1cebbcbe6fc76e544f90fc5
- SSDEEP
  
  12288:ZgCYxPVQ1KRLLIyDASbumfbKFsdrojwSzunLEjzaQ/K1V+qr:ZgCYQ1LGum4sx8Kofd/uV+w
Score

10^/10

bdaejec aspackv2 backdoor discovery upx
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2