bdaejec

General

Target

JaffaCakes118_6b59b5b2bb6bb6e39b5fe41869129d10
Size

48KB
Sample

250103-j9pzfsylgr
MD5

6b59b5b2bb6bb6e39b5fe41869129d10
SHA1

160b52c6897aed5bffee9062ef16397833f9d7ff
SHA256

011cf24873183edf6de696e31b739d76b91bf5ec6edf017faf58f438829cd32e
SHA512

2ad97a59872f9bff1dab0c29da1580d11b8248a76e9c516ef5957e77e005762cf2d9543ffaf25a8ffa3fc863195b2e0afd93a0fbbc6fed7cc427954b4e9ea55c
SSDEEP

768:vcrhjlH1IyaQxVh+jMoXFwEQGPL4vzZq2o9W7GsxBbPr:u9dhxLboXFwXGCq2iW7z

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  JaffaCakes118_6b59b5b2bb6bb6e39b5fe41869129d10
- Size
  
  48KB
- MD5
  
  6b59b5b2bb6bb6e39b5fe41869129d10
- SHA1
  
  160b52c6897aed5bffee9062ef16397833f9d7ff
- SHA256
  
  011cf24873183edf6de696e31b739d76b91bf5ec6edf017faf58f438829cd32e
- SHA512
  
  2ad97a59872f9bff1dab0c29da1580d11b8248a76e9c516ef5957e77e005762cf2d9543ffaf25a8ffa3fc863195b2e0afd93a0fbbc6fed7cc427954b4e9ea55c
- SSDEEP
  
  768:vcrhjlH1IyaQxVh+jMoXFwEQGPL4vzZq2o9W7GsxBbPr:u9dhxLboXFwXGCq2iW7z
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2