General
-
Target
542411c9a1b0bd18643f9fd5465cb0d2
-
Size
490KB
-
Sample
240111-v32v8adfa5
-
MD5
542411c9a1b0bd18643f9fd5465cb0d2
-
SHA1
e39654b4c510ef6f664c9a2878a579441eea6187
-
SHA256
c26394ba0e53004927c9b95c99751b098ce84e3b1a259f362e088ef6f9401011
-
SHA512
c16dcbfc4cd557531722bc1c2b638c93b417f5894b3661c930cae85905851664c6e55cc882f603c3fb22430a050aeb11ecd4732658bc129fe2096b4cb305c43e
-
SSDEEP
12288:FQ0huqmZCe/jn0rQQLYZFjsd2fn4AlU5mUeS2qSJhL9HZEJ:1huq6C70M2fBlU439N5EJ
Static task
static1
Behavioral task
behavioral1
Sample
542411c9a1b0bd18643f9fd5465cb0d2.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
542411c9a1b0bd18643f9fd5465cb0d2.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
542411c9a1b0bd18643f9fd5465cb0d2
-
Size
490KB
-
MD5
542411c9a1b0bd18643f9fd5465cb0d2
-
SHA1
e39654b4c510ef6f664c9a2878a579441eea6187
-
SHA256
c26394ba0e53004927c9b95c99751b098ce84e3b1a259f362e088ef6f9401011
-
SHA512
c16dcbfc4cd557531722bc1c2b638c93b417f5894b3661c930cae85905851664c6e55cc882f603c3fb22430a050aeb11ecd4732658bc129fe2096b4cb305c43e
-
SSDEEP
12288:FQ0huqmZCe/jn0rQQLYZFjsd2fn4AlU5mUeS2qSJhL9HZEJ:1huq6C70M2fBlU439N5EJ
Score10/10-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-