ardamax | 23dc90aaf6b70fb39deb79f7278bd95a_JaffaCakes118 | Triage

Sharing

General

Target

23dc90aaf6b70fb39deb79f7278bd95a_JaffaCakes118
Size

328KB
MD5

23dc90aaf6b70fb39deb79f7278bd95a
SHA1

8d8c84a1a1e80fbfb4672c1845fe1c3da9495ee1
SHA256

1324201ddcb6653ac08717285c13fd5280fb82d13818f103b1e2e87ed7bfbffe
SHA512

a6f9a585e34bb51a3254e99d0a5c307400ad47a3a83487b793b6347917d84f74080551b233b9983f799e228f84d6179797288acc7482a1dcbd96be3b6de26322
SSDEEP

6144:LjCDcputffoycg8bQoRhYTXnyO3Qz/2yczRmzDO:vCDnFCp8z/3Q/lrzC

Score

10^/10

ardamax

Malware Config

Signatures

Ardamax family
ardamax

Ardamax main executable 1 IoCs

resource	yara_rule
sample	family_ardamax

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23dc90aaf6b70fb39deb79f7278bd95a_JaffaCakes118

Files

23dc90aaf6b70fb39deb79f7278bd95a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.AntiDot
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AntiDot
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AntiDot
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.topo0
Size: 512B - Virtual size: 55B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.topo1
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE