bdaejec

General

Target

JaffaCakes118_7936b4c5e4ea7b88180bbe02b475f4c0
Size

114KB
Sample

250104-mpf3lawjbs
MD5

7936b4c5e4ea7b88180bbe02b475f4c0
SHA1

b8c8a9666ffacfe53b1406ea5ee70e1d06a38c00
SHA256

d7eaa8a438203a6cbc21c818de5a36845cd19377a8bd6f529a4fdd596e531689
SHA512

38fd158d13d27148590ffc984cc4ba0300ca9cfd3f0a0c03d03a008cce82ccea352a0b3f246bb150c9097d78129c459a63749fef7526670cfa28b24faa649af5
SSDEEP

1536:q81714Js0b9SK5EROHFrhS/JRa5YJFgdjxv+dkuqKg3DaZvYezxfl12KGCq2iW7z:xr4Jxb32RIRFhueaFYIflvGCH

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  JaffaCakes118_7936b4c5e4ea7b88180bbe02b475f4c0
- Size
  
  114KB
- MD5
  
  7936b4c5e4ea7b88180bbe02b475f4c0
- SHA1
  
  b8c8a9666ffacfe53b1406ea5ee70e1d06a38c00
- SHA256
  
  d7eaa8a438203a6cbc21c818de5a36845cd19377a8bd6f529a4fdd596e531689
- SHA512
  
  38fd158d13d27148590ffc984cc4ba0300ca9cfd3f0a0c03d03a008cce82ccea352a0b3f246bb150c9097d78129c459a63749fef7526670cfa28b24faa649af5
- SSDEEP
  
  1536:q81714Js0b9SK5EROHFrhS/JRa5YJFgdjxv+dkuqKg3DaZvYezxfl12KGCq2iW7z:xr4Jxb32RIRFhueaFYIflvGCH
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2