bdaejec

General

Target

2025-02-02_5830e22418185f6272c79395908513aa_mafia_wapomi
Size

132KB
Sample

250202-an278aynfm
MD5

5830e22418185f6272c79395908513aa
SHA1

c3f07dd01153aaa19784f654a7fd326c1b16e070
SHA256

07a684272ce50190b07a7e3b7c3db9fe2f1d11c27d2074190b901ebcc3e651d5
SHA512

bd87d3c0276466d5f5040a4ff483e42737fff23663b15b4542820a2d5af2efb6e9d72af279ffd3376d0d8868dab2254849172037e826b122434f66a02d5f6bc0
SSDEEP

1536:a/yDa/CZG+3lCXPVxoINtUdsaWiP6bfDy3Hs4Ed6vS1S6IyHeOUi9w6QGCq2iW7z:amG+EXbbIdsaa43Ed6vxyeO9+GCH

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  2025-02-02_5830e22418185f6272c79395908513aa_mafia_wapomi
- Size
  
  132KB
- MD5
  
  5830e22418185f6272c79395908513aa
- SHA1
  
  c3f07dd01153aaa19784f654a7fd326c1b16e070
- SHA256
  
  07a684272ce50190b07a7e3b7c3db9fe2f1d11c27d2074190b901ebcc3e651d5
- SHA512
  
  bd87d3c0276466d5f5040a4ff483e42737fff23663b15b4542820a2d5af2efb6e9d72af279ffd3376d0d8868dab2254849172037e826b122434f66a02d5f6bc0
- SSDEEP
  
  1536:a/yDa/CZG+3lCXPVxoINtUdsaWiP6bfDy3Hs4Ed6vS1S6IyHeOUi9w6QGCq2iW7z:amG+EXbbIdsaa43Ed6vxyeO9+GCH
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2