General

  • Target

    738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9.zip

  • Size

    2.6MB

  • MD5

    9481497727f6789bd8cf69039cf6b0da

  • SHA1

    3f906df6a71905ace3508317ada6213303000516

  • SHA256

    cbd17c6f980e5ab7412ef8e35766fe9ade433d714b3064a5b4a1aa054ca663f9

  • SHA512

    f11d7aaa114cce8dd18ddca5b4ecf397ffdc67ad5ed57a73db4036a8bda5a1c5e7ab04dceeec4de6f0b8cd2b1f51dda85447771b00aaff306af3be808505a161

Malware Config

Signatures

  • Ardamax Main Executable (1 IoC)
  • Ardamax family
  • GandCrab Payload (1 IoC)
  • Gandcrab family
  • Mimikatz family
  • mimikatz is an open source tool to dump credentials on Windows (1 IoC)

Files

  • 738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9.zip
    .zip

    Password: infected

  • 738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9
    .exe windows x64