bdaejec

General

Target

2025-01-22_6c58b2e82904e2b84d3d9994dd0f8929_icedid_smoke-loader_wapomi
Size

310KB
Sample

250122-2ablwsymh1
MD5

6c58b2e82904e2b84d3d9994dd0f8929
SHA1

8e51a1cc0a6bf9478f1220d3a27c332e09d852a3
SHA256

689192142aad76e56a9387cb2693ea08452cd8e2511b727aea7166db4cfc2a5e
SHA512

fb0931716fb87278a7cc389dcc1a5dc9dc80e1d18306ab4bf3619dd9e98f5d4c3cb20c5a60a68dcc447b29d62836dbec60b369633fda5e35ba678868ce8b40ec
SSDEEP

6144:oznAtGqS5NjM2KbQbNYuhZ+6+eAbuQ5Zu60HnPLhDgWZ:oTLnp+BCQ5Zu60HnP1

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  2025-01-22_6c58b2e82904e2b84d3d9994dd0f8929_icedid_smoke-loader_wapomi
- Size
  
  310KB
- MD5
  
  6c58b2e82904e2b84d3d9994dd0f8929
- SHA1
  
  8e51a1cc0a6bf9478f1220d3a27c332e09d852a3
- SHA256
  
  689192142aad76e56a9387cb2693ea08452cd8e2511b727aea7166db4cfc2a5e
- SHA512
  
  fb0931716fb87278a7cc389dcc1a5dc9dc80e1d18306ab4bf3619dd9e98f5d4c3cb20c5a60a68dcc447b29d62836dbec60b369633fda5e35ba678868ce8b40ec
- SSDEEP
  
  6144:oznAtGqS5NjM2KbQbNYuhZ+6+eAbuQ5Zu60HnPLhDgWZ:oTLnp+BCQ5Zu60HnP1
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2