ardamax | 97271827d586a406563da05840b685ff31acb5fe3afb06556ba548ef700d1e18

Sharing

Copy URL Twitter E-mail

General

Target

97271827d586a406563da05840b685ff31acb5fe3afb06556ba548ef700d1e18
Size

76.8MB
MD5

d755b678f030b9dd9f0b379d64f6c260
SHA1

a78b6c846ddb04765839bc387c82a8b74e74c504
SHA256

97271827d586a406563da05840b685ff31acb5fe3afb06556ba548ef700d1e18
SHA512

0d374b6e4f5810895edf29b5c65e92a5efefaa97f195fe0be64b7f69f6a6d735f4dca9e6ef79070830bd6ab69aaf860901f6ffecb5871be967567201de4c1fd9
SSDEEP

786432:Z5z3H6691osByymaUQ+IFfXnpIDGSrK5zxRL40Sv:Z5J1o3Fa6if3pzzPLb

Score

10^/10

ardamax

Malware Config

Signatures

Ardamax family
ardamax

Ardamax main executable 1 IoCs

resource	yara_rule
sample	family_ardamax

Files

97271827d586a406563da05840b685ff31acb5fe3afb06556ba548ef700d1e18
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9.3MB - Virtual size: 9.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 673KB - Virtual size: 672KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

KMDDKFQT
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE_COM
Size: 649KB - Virtual size: 649KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGED2PC
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGEPPLC
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE_CPC
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE_DRM
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE_HDC
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE_OPM
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE_WSC
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE_PRE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGESIPC
Size: 605KB - Virtual size: 605KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGEISPC
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGEDMCC
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGECALC
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGED3PC
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGEDSIC
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGED2IC
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGEDCIC
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGED3IC
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGEKMDD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGEIVEG
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGEINAV
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGEINV3
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGEILEG
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGEICMN
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGED2PD
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGED2PR
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGEPPLD
Size: 510KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE_RW
Size: 559KB - Virtual size: 559KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE_CPR
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE_DRM
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE_HDC
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE_OPM
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE_WSD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE_WSR
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE_PRE
Size: 512B - Virtual size: 409B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGESIPD
Size: 34.6MB - Virtual size: 34.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGEISPD
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGEDMCD
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGECALD
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGEDSIR
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGED3IR
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGED2IR
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGEDCIR
Size: 784KB - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGED3ID
Size: 556KB - Virtual size: 555KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGED3PD
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGED3PR
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGEDSID
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGEDCID
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGED2ID
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.rdata Size: 4.1MB - Virtual size: 4.1MB

.data Size: 9.3MB - Virtual size: 9.5MB

.pdata Size: 673KB - Virtual size: 672KB

KMDDKFQT Size: 512B - Virtual size: 32B

PAGE_COM Size: 649KB - Virtual size: 649KB

PAGE Size: 2KB - Virtual size: 2KB

PAGED2PC Size: 3.3MB - Virtual size: 3.3MB

PAGEPPLC Size: 1.4MB - Virtual size: 1.4MB

PAGE_CPC Size: 230KB - Virtual size: 230KB

PAGE_DRM Size: 11KB - Virtual size: 10KB

PAGE_HDC Size: 19KB - Virtual size: 18KB

PAGE_OPM Size: 7KB - Virtual size: 6KB

PAGE_WSC Size: 6KB - Virtual size: 5KB

PAGE_PRE Size: 3KB - Virtual size: 2KB

PAGESIPC Size: 605KB - Virtual size: 605KB

PAGEISPC Size: 158KB - Virtual size: 158KB

PAGEDMCC Size: 10KB - Virtual size: 10KB

PAGECALC Size: 366KB - Virtual size: 365KB

PAGED3PC Size: 1.2MB - Virtual size: 1.2MB

PAGEDSIC Size: 92KB - Virtual size: 92KB

PAGED2IC Size: 203KB - Virtual size: 203KB

PAGEDCIC Size: 3.4MB - Virtual size: 3.4MB

PAGED3IC Size: 240KB - Virtual size: 240KB

PAGEKMDD Size: 1KB - Virtual size: 1KB

PAGEIVEG Size: 143KB - Virtual size: 143KB

PAGEINAV Size: 162KB - Virtual size: 161KB

PAGEINV3 Size: 29KB - Virtual size: 28KB

PAGEILEG Size: 81KB - Virtual size: 80KB

PAGEICMN Size: 11KB - Virtual size: 10KB

PAGED2PD Size: 59KB - Virtual size: 58KB

PAGED2PR Size: 251KB - Virtual size: 250KB

PAGEPPLD Size: 510KB - Virtual size: 509KB

PAGE_RW Size: 559KB - Virtual size: 559KB

PAGE_CPR Size: 57KB - Virtual size: 56KB

PAGE_DRM Size: 2KB - Virtual size: 1KB

PAGE_HDC Size: 6KB - Virtual size: 5KB

PAGE_OPM Size: 3KB - Virtual size: 2KB

PAGE_WSD Size: 1KB - Virtual size: 1KB

PAGE_WSR Size: 4KB - Virtual size: 4KB

PAGE_PRE Size: 512B - Virtual size: 409B

PAGESIPD Size: 34.6MB - Virtual size: 34.6MB

PAGEISPD Size: 18KB - Virtual size: 18KB

PAGEDMCD Size: 1.0MB - Virtual size: 1.0MB

PAGE Size: 512B - Virtual size: 24B

PAGECALD Size: 6.3MB - Virtual size: 6.3MB

PAGEDSIR Size: 16KB - Virtual size: 16KB

PAGED3IR Size: 15KB - Virtual size: 15KB

PAGED2IR Size: 17KB - Virtual size: 17KB

PAGEDCIR Size: 784KB - Virtual size: 784KB

PAGED3ID Size: 556KB - Virtual size: 555KB

PAGED3PD Size: 51KB - Virtual size: 50KB

PAGED3PR Size: 436KB - Virtual size: 435KB

PAGEDSID Size: 4KB - Virtual size: 3KB

PAGEDCID Size: 64KB - Virtual size: 64KB

PAGED2ID Size: 1024B - Virtual size: 760B

INIT Size: 8KB - Virtual size: 7KB

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 258KB - Virtual size: 258KB

.text
Size: 4.9MB - Virtual size: 4.9MB

.rdata
Size: 4.1MB - Virtual size: 4.1MB

.data
Size: 9.3MB - Virtual size: 9.5MB

.pdata
Size: 673KB - Virtual size: 672KB

KMDDKFQT
Size: 512B - Virtual size: 32B

PAGE_COM
Size: 649KB - Virtual size: 649KB

PAGE
Size: 2KB - Virtual size: 2KB

PAGED2PC
Size: 3.3MB - Virtual size: 3.3MB

PAGEPPLC
Size: 1.4MB - Virtual size: 1.4MB

PAGE_CPC
Size: 230KB - Virtual size: 230KB

PAGE_DRM
Size: 11KB - Virtual size: 10KB

PAGE_HDC
Size: 19KB - Virtual size: 18KB

PAGE_OPM
Size: 7KB - Virtual size: 6KB

PAGE_WSC
Size: 6KB - Virtual size: 5KB

PAGE_PRE
Size: 3KB - Virtual size: 2KB

PAGESIPC
Size: 605KB - Virtual size: 605KB

PAGEISPC
Size: 158KB - Virtual size: 158KB

PAGEDMCC
Size: 10KB - Virtual size: 10KB

PAGECALC
Size: 366KB - Virtual size: 365KB

PAGED3PC
Size: 1.2MB - Virtual size: 1.2MB

PAGEDSIC
Size: 92KB - Virtual size: 92KB

PAGED2IC
Size: 203KB - Virtual size: 203KB

PAGEDCIC
Size: 3.4MB - Virtual size: 3.4MB

PAGED3IC
Size: 240KB - Virtual size: 240KB

PAGEKMDD
Size: 1KB - Virtual size: 1KB

PAGEIVEG
Size: 143KB - Virtual size: 143KB

PAGEINAV
Size: 162KB - Virtual size: 161KB

PAGEINV3
Size: 29KB - Virtual size: 28KB

PAGEILEG
Size: 81KB - Virtual size: 80KB

PAGEICMN
Size: 11KB - Virtual size: 10KB

PAGED2PD
Size: 59KB - Virtual size: 58KB

PAGED2PR
Size: 251KB - Virtual size: 250KB

PAGEPPLD
Size: 510KB - Virtual size: 509KB

PAGE_RW
Size: 559KB - Virtual size: 559KB

PAGE_CPR
Size: 57KB - Virtual size: 56KB

PAGE_DRM
Size: 2KB - Virtual size: 1KB

PAGE_HDC
Size: 6KB - Virtual size: 5KB

PAGE_OPM
Size: 3KB - Virtual size: 2KB

PAGE_WSD
Size: 1KB - Virtual size: 1KB

PAGE_WSR
Size: 4KB - Virtual size: 4KB

PAGE_PRE
Size: 512B - Virtual size: 409B

PAGESIPD
Size: 34.6MB - Virtual size: 34.6MB

PAGEISPD
Size: 18KB - Virtual size: 18KB

PAGEDMCD
Size: 1.0MB - Virtual size: 1.0MB

PAGE
Size: 512B - Virtual size: 24B

PAGECALD
Size: 6.3MB - Virtual size: 6.3MB

PAGEDSIR
Size: 16KB - Virtual size: 16KB

PAGED3IR
Size: 15KB - Virtual size: 15KB

PAGED2IR
Size: 17KB - Virtual size: 17KB

PAGEDCIR
Size: 784KB - Virtual size: 784KB

PAGED3ID
Size: 556KB - Virtual size: 555KB

PAGED3PD
Size: 51KB - Virtual size: 50KB

PAGED3PR
Size: 436KB - Virtual size: 435KB

PAGEDSID
Size: 4KB - Virtual size: 3KB

PAGEDCID
Size: 64KB - Virtual size: 64KB

PAGED2ID
Size: 1024B - Virtual size: 760B

INIT
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 258KB - Virtual size: 258KB