General
-
Target
VirusShare-005bac8eebeef9b7ad5b9cd7c2f7cc31
-
Size
611KB
-
Sample
240202-2axjcsbgej
-
MD5
005bac8eebeef9b7ad5b9cd7c2f7cc31
-
SHA1
e542c11e4d96465c751385e1c6e54724bf89882e
-
SHA256
86e004c6719c4825b8ed8bb1c8fd69789e5b6b0d6cb6a0ced644b829da12a6ed
-
SHA512
1c86c425525818f212a05b3603ab776cb231ab29bd402262f6dbab0679c80b6fb4685bb84bc3a4a5a78e94373ac6afcc56b4a176c8745015e57075ada234ea3d
-
SSDEEP
12288:GGnhcIbSWjP9Zj1Ob8Vd5d0BwizaHKVGka0oOSElDbHeVm:7nPb9HRZPmwi0KVJbSWek
Static task
static1
Behavioral task
behavioral1
Sample
VirusShare-005bac8eebeef9b7ad5b9cd7c2f7cc31.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
VirusShare-005bac8eebeef9b7ad5b9cd7c2f7cc31.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
VirusShare-005bac8eebeef9b7ad5b9cd7c2f7cc31
-
Score
10/10
-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-