bdaejec

General

Target

2025-01-21_f482f8628d2c6228ad5d2b1cdc089b6f_icedid_smoke-loader_wapomi
Size

561KB
Sample

250121-c9x7haslhq
MD5

f482f8628d2c6228ad5d2b1cdc089b6f
SHA1

6e2d73ded040010ea239b892efc4164c9f92362a
SHA256

b5f77605f3372b9bd1ca3b696c82b1c099fa3c7866dd392f9c4e5ed48dd5e5c8
SHA512

abd042ddcd28922dbb4929d654458d9b8bf6b8743a76c834a1d155dc910092cea2befb6ee37e73d723da4ff2b1ba096d11b6d52138df4ba2b0c6e71a9598d69d
SSDEEP

12288:knsIcbXp6mxTx1H4yhMbBgOMU5ouiDaFSwNZi+s4fw:knscoyyhMbBgOrhiJSTfw

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  2025-01-21_f482f8628d2c6228ad5d2b1cdc089b6f_icedid_smoke-loader_wapomi
- Size
  
  561KB
- MD5
  
  f482f8628d2c6228ad5d2b1cdc089b6f
- SHA1
  
  6e2d73ded040010ea239b892efc4164c9f92362a
- SHA256
  
  b5f77605f3372b9bd1ca3b696c82b1c099fa3c7866dd392f9c4e5ed48dd5e5c8
- SHA512
  
  abd042ddcd28922dbb4929d654458d9b8bf6b8743a76c834a1d155dc910092cea2befb6ee37e73d723da4ff2b1ba096d11b6d52138df4ba2b0c6e71a9598d69d
- SSDEEP
  
  12288:knsIcbXp6mxTx1H4yhMbBgOMU5ouiDaFSwNZi+s4fw:knscoyyhMbBgOrhiJSTfw
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2