Overview

overview

10

Static

static

3

2025-01-16...mi.exe

windows7-x64

10

2025-01-16...mi.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-16_6b3e063bac2b74da861b70821fa4563f_smoke-loader_wapomi

  • Size

    80KB

  • Sample

    250116-mhvbmsxker

  • MD5

    6b3e063bac2b74da861b70821fa4563f

  • SHA1

    8fef65132ba1a2db63bdef70be33cfc71864e8d8

  • SHA256

    c184ca57fe2e6b3643f28caf91ae7b6c095155184f65c941e64e5bfc404ffacf

  • SHA512

    ea221edeb9bf84675940f2d902b22805b7b3ba15dcdd910647e7281154cf2bfd8c80df12c5c5856ad95f8ae8055fd3ee7828460809b58f753b65c59afc40e41b

  • SSDEEP

    1536:Yg/6/tM8NXDjPX0QWlfGMckTQbfGCq2iW7z:Hk3U8kTQrGCH

Score
10/10
bdaejecaspackv2backdoordiscovery

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

    • Target

      2025-01-16_6b3e063bac2b74da861b70821fa4563f_smoke-loader_wapomi

    • Size

      80KB

    • MD5

      6b3e063bac2b74da861b70821fa4563f

    • SHA1

      8fef65132ba1a2db63bdef70be33cfc71864e8d8

    • SHA256

      c184ca57fe2e6b3643f28caf91ae7b6c095155184f65c941e64e5bfc404ffacf

    • SHA512

      ea221edeb9bf84675940f2d902b22805b7b3ba15dcdd910647e7281154cf2bfd8c80df12c5c5856ad95f8ae8055fd3ee7828460809b58f753b65c59afc40e41b

    • SSDEEP

      1536:Yg/6/tM8NXDjPX0QWlfGMckTQbfGCq2iW7z:Hk3U8kTQrGCH

    Score
    10/10
    bdaejecaspackv2backdoordiscovery

    • Bdaejec

      Bdaejec is a backdoor written in C++.

      backdoorbdaejec

    • Bdaejec family

      bdaejec

    • Detects Bdaejec Backdoor.

      Bdaejec is backdoor written in C++.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks