General
-
Target
5c6dc9dcf8154528c0aeda70250dc3dc
-
Size
5.8MB
-
Sample
240115-hrdb9sbchl
-
MD5
5c6dc9dcf8154528c0aeda70250dc3dc
-
SHA1
75244326ebcde49e4822c2f60d75e566d0d1671a
-
SHA256
e1665aa8cbebe7973af2c8989c9e4ac3324403a59d1fd9e25326b90618b2ffcf
-
SHA512
e2e8c4fcf44bb9caa4fac9120e38f558809982e5351a3d77a3ba8f5d5628ddf7ca4440489dcc1a79ccc8a85aeda9ef7a86e1e0cfa6194d80a0447765ad67ba14
-
SSDEEP
98304:/rzlCX/406AFE5YrQLZSFrXyEAobFvFzYGzK5UBtG6zPt7rG0vZV84fnOij/wrcp:DRD0HYYrQerXjhk4BtfzPt7r3V8mwDM9
Static task
static1
Behavioral task
behavioral1
Sample
5c6dc9dcf8154528c0aeda70250dc3dc.exe
Resource
win7-20231215-en
Malware Config
Targets
-
Ardamax main executable
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-