Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2025-01-07_dd114b1eeda8bfb3415c443509d484a2_smoke-loader_wapomi

  • Size

    80KB

  • Sample

    250107-cza9zszlet

  • MD5

    dd114b1eeda8bfb3415c443509d484a2

  • SHA1

    d3430ea93f9345e03b1b22725cd26cbeb9c68819

  • SHA256

    8e2770adb5828aaff604d8c73c0ef49adee3231441776c750cf5680541f3de43

  • SHA512

    8f5ce8fa6410b0213a0be232751b96265d6460dcba1b16a2f97c9735b73c13b88902920634e12e39284a0cd69fa31a8c7bcba78216149fa0a8bd0d5f2f7d7f98

  • SSDEEP

    1536:Kg/6/tM8NXDjPX0QWlfGMckTQy3GCq2iW7z:Jk3U8kTQ4GCH

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net
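
The extracted C2 host and the file hashes above are the IOCs a defender would hunt for. The following is an added example written for this page, not tria.ge tooling, showing how those IOCs are matched against Sysmon-style DNS-query (Event ID 22) and process-create (Event ID 1) log lines; the log lines, the `svc.exe` path and the 203.0.113.5 address are constructed, not real telemetry.

```python
"""Match the IOCs extracted for this sample against log lines.
Added example for this page; the log text below is constructed."""
import re

# From the report: C2 host and file hashes of the sample.
C2_HOSTS = {"ddos.dnsnb8.net"}
SAMPLE_HASHES = {
    "md5": "dd114b1eeda8bfb3415c443509d484a2",
    "sha1": "d3430ea93f9345e03b1b22725cd26cbeb9c68819",
    "sha256": "8e2770adb5828aaff604d8c73c0ef49adee3231441776c750cf5680541f3de43",
}
KNOWN_HASHES = set(SAMPLE_HASHES.values())

# Sysmon field names: QueryName in Event ID 22, Hashes in Event ID 1.
DNS_RE = re.compile(r"QueryName:\s*(?P<host>[\w.-]+)", re.I)
# Alternation order matters: \b after the run forces the longest hex run to win.
HASH_RE = re.compile(r"\b(?P<hash>[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})\b", re.I)


def host_matches(host: str) -> bool:
    """Exact match or subdomain of a known C2 host (trailing dot tolerated)."""
    host = host.lower().rstrip(".")
    return any(host == c2 or host.endswith("." + c2) for c2 in C2_HOSTS)


def scan(lines):
    """Return (line_no, indicator_type, value) for every IOC hit."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = DNS_RE.search(line)
        if m and host_matches(m.group("host")):
            hits.append((n, "c2_dns", m.group("host")))
        for h in HASH_RE.finditer(line):
            if h.group("hash").lower() in KNOWN_HASHES:
                hits.append((n, "sample_hash", h.group("hash").lower()))
    return hits


# Constructed log lines (not real telemetry): one C2 lookup, one benign lookup,
# one process launch with the sample's hashes, one unrelated hash, one subdomain hit.
SAMPLE_LOG = [
    r"Event 22 Image: C:\Users\Public\svc.exe QueryName: ddos.dnsnb8.net QueryResults: 203.0.113.5",
    r"Event 22 Image: C:\Program Files\Mozilla Firefox\firefox.exe QueryName: www.mozilla.org",
    r"Event 1 Image: C:\Users\Public\svc.exe Hashes: MD5=DD114B1EEDA8BFB3415C443509D484A2,"
    r"SHA256=8E2770ADB5828AAFF604D8C73C0EF49ADEE3231441776C750CF5680541F3DE43",
    r"Event 1 Image: C:\Windows\System32\notepad.exe Hashes: SHA256=" + "00" * 32,
    r"Event 22 Image: C:\Users\Public\svc.exe QueryName: cdn.ddos.dnsnb8.net.",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Sysmon records hashes in upper case, so the comparison lower-cases both sides; the subdomain rule catches lookups of hosts under the C2 domain without also matching look-alike names such as `notddos.dnsnb8.net`.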

Targets

    • Target

      2025-01-07_dd114b1eeda8bfb3415c443509d484a2_smoke-loader_wapomi

    • Size

      80KB

    • MD5

      dd114b1eeda8bfb3415c443509d484a2

    • SHA1

      d3430ea93f9345e03b1b22725cd26cbeb9c68819

    • SHA256

      8e2770adb5828aaff604d8c73c0ef49adee3231441776c750cf5680541f3de43

    • SHA512

      8f5ce8fa6410b0213a0be232751b96265d6460dcba1b16a2f97c9735b73c13b88902920634e12e39284a0cd69fa31a8c7bcba78216149fa0a8bd0d5f2f7d7f98

    • SSDEEP

      1536:Kg/6/tM8NXDjPX0QWlfGMckTQy3GCq2iW7z:Jk3U8kTQ4GCH

    • Bdaejec

      Bdaejec is a backdoor written in C++.

    • Bdaejec family

    • Detects Bdaejec Backdoor.

      Bdaejec is a backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL
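
The ASPack hit above is the kind of verdict a static triage pass produces before any dynamic analysis. The following is an added example written for this page, not tria.ge's own signature logic (which is not published here): it walks the PE section table of an image and flags the section names ASPack leaves behind (`.aspack`, `.adata`) together with sections whose byte entropy is near the maximum, as compressed payloads are. It cannot pin the "v2.12-2.42" version the report gives; that needs byte signatures this code does not carry. The PE images it runs on are constructed in the block itself, not the sample from this report.

```python
"""Packer triage for a PE image: ASPack-style section names plus
high-entropy sections. Added example for this page, not sandbox code."""
import hashlib
import math
import struct

ASPACK_SECTION_NAMES = {b".aspack", b".adata"}  # well-known ASPack section names
ENTROPY_THRESHOLD = 7.0  # bits/byte; compressed data sits near 8, plain x86 code around 5-6.5


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte over the byte-value histogram."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(image: bytes):
    """DOS header -> PE signature -> COFF header -> section table;
    returns (name, PointerToRawData, SizeOfRawData) per section."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", image, coff + 2)
    (opt_size,) = struct.unpack_from("<H", image, coff + 16)
    table = coff + 20 + opt_size
    sections = []
    for i in range(num_sections):
        off = table + 40 * i  # IMAGE_SECTION_HEADER is 40 bytes
        name = image[off:off + 8].rstrip(b"\0")
        _vsize, _vaddr, raw_size, raw_ptr = struct.unpack_from("<IIII", image, off + 8)
        sections.append((name, raw_ptr, raw_size))
    return sections


def triage(image: bytes) -> dict:
    """Packer indicators; 'likely_packed' is the overall verdict."""
    aspack, high_entropy = [], []
    for name, raw_ptr, raw_size in parse_sections(image):
        if name.lower() in ASPACK_SECTION_NAMES:
            aspack.append(name.decode())
        ent = shannon_entropy(image[raw_ptr:raw_ptr + raw_size])
        if ent >= ENTROPY_THRESHOLD:
            high_entropy.append((name.decode(), round(ent, 2)))
    return {"aspack_sections": aspack, "high_entropy_sections": high_entropy,
            "likely_packed": bool(aspack or high_entropy)}


# --- constructed test input, not a real sample -----------------------------
def pseudo_random(n: int, seed: bytes = b"constructed") -> bytes:
    """Deterministic high-entropy filler standing in for a compressed payload."""
    out, block = bytearray(), seed
    while len(out) < n:
        block = hashlib.sha512(block).digest()
        out += block
    return bytes(out[:n])


def build_pe(sections) -> bytes:
    """Assemble a minimal PE32 image from (name, payload) pairs, 0x200-aligned."""
    opt_size = 0xE0
    first_raw = (0x40 + 4 + 20 + opt_size + 40 * len(sections) + 0x1FF) & ~0x1FF
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    table, body, raw_ptr = bytearray(), bytearray(), first_raw
    for name, payload in sections:
        size = (len(payload) + 0x1FF) & ~0x1FF
        table += struct.pack("<8sIIIIIIHHI", name, len(payload), 0x1000 + raw_ptr,
                             size, raw_ptr, 0, 0, 0, 0, 0xE0000020)
        body += payload.ljust(size, b"\0")
        raw_ptr += size
    header = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + bytes(table)
    return header.ljust(first_raw, b"\0") + bytes(body)


STUB = b"\x55\x8b\xec\x83\xec\x10" * 85  # repeated x86 prologue: low entropy
PACKED_IMAGE = build_pe([(b".text", STUB), (b".aspack", pseudo_random(4096)), (b".adata", b"\0" * 512)])
CLEAN_IMAGE = build_pe([(b".text", STUB), (b".data", b"Hello, sandbox!\0" * 32)])

if __name__ == "__main__":
    print(triage(PACKED_IMAGE))
    print(triage(CLEAN_IMAGE))
```

Section names are cheap to rename, so the entropy check is what survives a trivially modified packer; conversely, a legitimate installer with embedded compressed resources will trip the entropy rule, which is why both indicators are reported separately rather than collapsed into the verdict alone.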

MITRE ATT&CK Enterprise v15

Tasks