bdaejec

General

Target

2025-02-23_aaf5a1b011bdb3485b589e7e974a54dc_smoke-loader_wapomi
Size

304KB
Sample

250223-za3dhawnar
MD5

aaf5a1b011bdb3485b589e7e974a54dc
SHA1

a798be6f78098acc067cce690fb0842c530a2266
SHA256

c7846b65acfa8901f6c5a81ac551e8c5ba041b2b6b047bdf6ee53093a1153527
SHA512

bb0e48f253d60951f5556efae8f3364d176ba130c8bf88cd3af7edc36809c80eac7d85f175807ce30e106973c178de00a17f82cd269e3cfc2e4a3e6a29a504a6
SSDEEP

6144:rBULviqYnI3QA7JTXRnZSHL2GZbkG/TZgLgst2rDkXNBR:TqBlG/TZgUsxXNB

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  2025-02-23_aaf5a1b011bdb3485b589e7e974a54dc_smoke-loader_wapomi
- Size
  
  304KB
- MD5
  
  aaf5a1b011bdb3485b589e7e974a54dc
- SHA1
  
  a798be6f78098acc067cce690fb0842c530a2266
- SHA256
  
  c7846b65acfa8901f6c5a81ac551e8c5ba041b2b6b047bdf6ee53093a1153527
- SHA512
  
  bb0e48f253d60951f5556efae8f3364d176ba130c8bf88cd3af7edc36809c80eac7d85f175807ce30e106973c178de00a17f82cd269e3cfc2e4a3e6a29a504a6
- SSDEEP
  
  6144:rBULviqYnI3QA7JTXRnZSHL2GZbkG/TZgLgst2rDkXNBR:TqBlG/TZgUsxXNB
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2