bdaejec

General

Target

2025-02-24_1cab8f1d349224ed62bf14de12e9bafd_bkransomware_karagany_wapomi
Size

98KB
Sample

250224-e3xnha1jgk
MD5

1cab8f1d349224ed62bf14de12e9bafd
SHA1

d7d07a14522563d7a9fca9c8227ce138604fb05c
SHA256

29a2728fdcbfe14997b7825270196c5873f529f158a21641be7b5567904b959d
SHA512

ae1964bfc3f0a838eb1321e0ab7f0caea043d46058ff35a00c285a4280d7a7d673e7a5e9d5a9cfaaa63035c695e7bbd11c6b93182c306786031abce55da904b9
SSDEEP

1536:xlbzRLkKWDmJJifu5IksCt5IKygvQPcCsWjcdSXchyGCq2iW7z:xxFqyRmksCRykQ4SlGCH

Score

10^/10

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  2025-02-24_1cab8f1d349224ed62bf14de12e9bafd_bkransomware_karagany_wapomi
- Size
  
  98KB
- MD5
  
  1cab8f1d349224ed62bf14de12e9bafd
- SHA1
  
  d7d07a14522563d7a9fca9c8227ce138604fb05c
- SHA256
  
  29a2728fdcbfe14997b7825270196c5873f529f158a21641be7b5567904b959d
- SHA512
  
  ae1964bfc3f0a838eb1321e0ab7f0caea043d46058ff35a00c285a4280d7a7d673e7a5e9d5a9cfaaa63035c695e7bbd11c6b93182c306786031abce55da904b9
- SSDEEP
  
  1536:xlbzRLkKWDmJJifu5IksCt5IKygvQPcCsWjcdSXchyGCq2iW7z:xxFqyRmksCRykQ4SlGCH
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Bdaejec family

Detects Bdaejec Backdoor.

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2