General
-
Target
2025-01-09_adcc61dcc627a89a8d0c8d8600420842_smoke-loader_wapomi
-
Size
728KB
-
Sample
250109-txps2awpfj
-
MD5
adcc61dcc627a89a8d0c8d8600420842
-
SHA1
1bb66772cc3c291fc224e6aea06f4c779fc610db
-
SHA256
af6af7b4f8b313d10ccd202dc924091a9e5db7c64f41d3296c6b22cb7a26e05e
-
SHA512
970720e896b7d1f11ab9260f41c670d44d12cd1e50e3a47dd8a4babeef41997a45742b028190676b859f432d728c55b4d1c76d47f4e61a56f96cb1d9603a37e4
-
SSDEEP
12288:AU+9H3900EJqrekLEyTYQcDL/TNuUCziP6VFGO5lrEaKYNtcBvAuvlee2NCFbLk5:AU+9XNrenyktDLdYNtcdvQNC9wHAP5cp
Static task
static1
Behavioral task
behavioral1
Sample
2025-01-09_adcc61dcc627a89a8d0c8d8600420842_smoke-loader_wapomi.exe
Resource
win7-20240903-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
-
Target
2025-01-09_adcc61dcc627a89a8d0c8d8600420842_smoke-loader_wapomi
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-