bdaejec | dc0f50a80413fe67c772763bab3e1e6d67e3d58a80e9e8586e6c7f300d22acc6 | Triage

Submit
Reports

Overview

overview

Static

static

3

2025-04-17...mi.exe

windows10-2004-x64

2025-04-17...mi.exe

windows11-21h2-x64

Sharing

General

Target

2025-04-17_4ef7486b79c05e74e914ee1dc9223ea0_amadey_black-basta_cobalt-strike_elex_luca-stealer_wapomi
Size

572KB
Sample

250417-p9kydsypt9
MD5

4ef7486b79c05e74e914ee1dc9223ea0
SHA1

b8bc560a79e53c8518c96d607f914129326499b7
SHA256

dc0f50a80413fe67c772763bab3e1e6d67e3d58a80e9e8586e6c7f300d22acc6
SHA512

2fa51321532c07dc4ebdc0a28bceaa4a5fbb13260728aacd7d3c6b920293776c67cf26d32d37daf2024e66d7474ec43883100a07e1a845d76669e6f230bcd457
SSDEEP

12288:96+OkYKllc/IwoG4fDXirqZ1xQMAejKv4fkuRdujMhVtr+pHb5hbczs/s4yxGMoM:4+N/Sw3G4fWG3+U5ujMNQv04yxtb1yH0

Score

10^/10

bdaejec aspackv2 backdoor discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2025-04-17_4ef7486b79c05e74e914ee1dc9223ea0_amadey_black-basta_cobalt-strike_elex_luca-stealer_wapomi.exe

Resource

win10v2004-20250410-en

bdaejec aspackv2 backdoor discovery

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-04-17_4ef7486b79c05e74e914ee1dc9223ea0_amadey_black-basta_cobalt-strike_elex_luca-stealer_wapomi.exe

Resource

win11-20250410-en

bdaejec aspackv2 backdoor discovery

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

bdaejec

C2

ddos.dnsnb8.net

Targets

- Target
  
  2025-04-17_4ef7486b79c05e74e914ee1dc9223ea0_amadey_black-basta_cobalt-strike_elex_luca-stealer_wapomi
- Size
  
  572KB
- MD5
  
  4ef7486b79c05e74e914ee1dc9223ea0
- SHA1
  
  b8bc560a79e53c8518c96d607f914129326499b7
- SHA256
  
  dc0f50a80413fe67c772763bab3e1e6d67e3d58a80e9e8586e6c7f300d22acc6
- SHA512
  
  2fa51321532c07dc4ebdc0a28bceaa4a5fbb13260728aacd7d3c6b920293776c67cf26d32d37daf2024e66d7474ec43883100a07e1a845d76669e6f230bcd457
- SSDEEP
  
  12288:96+OkYKllc/IwoG4fDXirqZ1xQMAejKv4fkuRdujMhVtr+pHb5hbczs/s4yxGMoM:4+N/Sw3G4fWG3+U5ujMNQv04yxtb1yH0
Score

10^/10

bdaejec aspackv2 backdoor discovery
- Bdaejec
  Bdaejec is a backdoor written in C++.
  backdoor bdaejec
- Bdaejec family
  bdaejec
- Detects Bdaejec Backdoor.
  Bdaejec is backdoor written in C++.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bdaejecaspackv2backdoordiscovery

behavioral2

bdaejecaspackv2backdoordiscovery

© 2018-2025

Terms | Privacy