General
-
Target
88a7d23cc3923564640e1c6fb4b73716
-
Size
1.2MB
-
Sample
240202-fzpddsefe3
-
MD5
88a7d23cc3923564640e1c6fb4b73716
-
SHA1
68e89fce81f7d0a45a9fd82b8779bc85ea0f5210
-
SHA256
41eb872174aec322bd4ead6f8305461a62dbcdd3cf0ef46065c8ac585c7509e8
-
SHA512
83d67dbe5092662737cc8a36f1713844da22e4b2cf15379aadc8eadab74f00b56a854af8cb01a5ca110c56fcc5d09cc6db48f37f6447b1d46d1bf999c0c9d779
-
SSDEEP
24576:EzwTT6d0kiV20le7KEBMd4jekVX5cT3x7T8MbqyTI1cG6M30vF+:Ez+ThkHDOajekbgBz/uc56
Static task
static1
Behavioral task
behavioral1
Sample
88a7d23cc3923564640e1c6fb4b73716.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
88a7d23cc3923564640e1c6fb4b73716.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
88a7d23cc3923564640e1c6fb4b73716
-
Score
10/10
-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-