General
-
Target
56f745ec74b5e44fb9c806f585b179d7
-
Size
558KB
-
Sample
240112-t7c7zsbgfp
-
MD5
56f745ec74b5e44fb9c806f585b179d7
-
SHA1
b271cc8b1ad4038fe5541bace72f914a5286b8e4
-
SHA256
eccee6212fd908aa3223509bc9dc84de255cef6086b092ebb1d7c123c52bcad3
-
SHA512
b0ff898d5791388f3c447b02d243804a6d8576ee8ad212830c59a1f16007a864d8db20be1d91bc50cf26449a88b988961853551c9ea6a46fd48a5217da1fc208
-
SSDEEP
12288:1SVuJMsUDwJ8WuTyucQFryVAtHMmbwIocn8l1YHqmG:Ws2DWuc6eVAtsgdocn8wHqp
Static task
static1
Behavioral task
behavioral1
Sample
56f745ec74b5e44fb9c806f585b179d7.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
56f745ec74b5e44fb9c806f585b179d7.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
56f745ec74b5e44fb9c806f585b179d7
-
Size
558KB
-
MD5
56f745ec74b5e44fb9c806f585b179d7
-
SHA1
b271cc8b1ad4038fe5541bace72f914a5286b8e4
-
SHA256
eccee6212fd908aa3223509bc9dc84de255cef6086b092ebb1d7c123c52bcad3
-
SHA512
b0ff898d5791388f3c447b02d243804a6d8576ee8ad212830c59a1f16007a864d8db20be1d91bc50cf26449a88b988961853551c9ea6a46fd48a5217da1fc208
-
SSDEEP
12288:1SVuJMsUDwJ8WuTyucQFryVAtHMmbwIocn8l1YHqmG:Ws2DWuc6eVAtsgdocn8wHqp
Score10/10-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-