General
-
Target
5b53027c9e54aafd7caafb21b554e5ed
-
Size
1.0MB
-
Sample
240114-qg4qgabeh3
-
MD5
5b53027c9e54aafd7caafb21b554e5ed
-
SHA1
28c936e41e9edf7341b7de01f2de7e125fd25462
-
SHA256
dc93a7cc91b60cf12d9adc040925beb5d978c5ad96074dec903c456e10466375
-
SHA512
e1edecc6a8e5c36e2a1303218ccafad3de9cde46fba9686044e87dd63d4f11e3013dba666b2773e87244033c56c21144f7d1bea475ebd9692cfb5c7d4c07c4ab
-
SSDEEP
24576:6jXT1mtlT4wiM3LEiHafy9ARlg8UJHDMJY+:6DT1mHqXgalRlpUJHK
Static task
static1
Behavioral task
behavioral1
Sample
5b53027c9e54aafd7caafb21b554e5ed.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5b53027c9e54aafd7caafb21b554e5ed.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
5b53027c9e54aafd7caafb21b554e5ed
-
Score
10/10
-
Ardamax main executable
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-