General
-
Target
5d257fce2010ab6bf734734d45808ccc_JaffaCakes118
-
Size
549KB
-
Sample
240719-w49g5axgja
-
MD5
5d257fce2010ab6bf734734d45808ccc
-
SHA1
d4a3e354894dbce4346aa14d072fbb8661608649
-
SHA256
c73411face15979f5152dc809b026fed0f067ba6c7785ef1acd48aaa2caceaf3
-
SHA512
ad97aca3e7221a74a7dfb65dd00fd646e945c669689ba85a5268492fdf435174eb060a608d0fa0863881f1661f3b6e3c893123d64886d112d72484a370e61c6d
-
SSDEEP
12288:NIMZ5hqth+ZdgJdGI8QIfaxILJnratV8ZXDwyp8LEWT4lzR:jPcpJMIoaxUn0SuyPG4H
Static task
static1
Behavioral task
behavioral1
Sample
5d257fce2010ab6bf734734d45808ccc_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
5d257fce2010ab6bf734734d45808ccc_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
5d257fce2010ab6bf734734d45808ccc_JaffaCakes118
-
Size
549KB
-
MD5
5d257fce2010ab6bf734734d45808ccc
-
SHA1
d4a3e354894dbce4346aa14d072fbb8661608649
-
SHA256
c73411face15979f5152dc809b026fed0f067ba6c7785ef1acd48aaa2caceaf3
-
SHA512
ad97aca3e7221a74a7dfb65dd00fd646e945c669689ba85a5268492fdf435174eb060a608d0fa0863881f1661f3b6e3c893123d64886d112d72484a370e61c6d
-
SSDEEP
12288:NIMZ5hqth+ZdgJdGI8QIfaxILJnratV8ZXDwyp8LEWT4lzR:jPcpJMIoaxUn0SuyPG4H
Score10/10-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-