General
-
Target
5da4d140536879753010c79159a89d6d_JaffaCakes118
-
Size
1.2MB
-
Sample
240719-zsrpqazbkq
-
MD5
5da4d140536879753010c79159a89d6d
-
SHA1
fa387147d822cc4553d23e976ebd4807c87624f2
-
SHA256
3774fd88aa94d28831d3d9c4db9aaceea01e17c0b7dc6a5a734c04e56b49a822
-
SHA512
c7fe83dfa8df82997ca71ec0aa4f7d22025e06676fb27bca001f3cf6087e85e2d6e530eae253ef1b71ead2350ca1b06b4115a72cc8139a10c2f9d870e043e0aa
-
SSDEEP
24576:Gk/ATz9a6aMDNhow1D9uhlF8KULRwHX7iXQl6QCScld:XoTz9aVwJ9uhr8AHX1EQC
Static task
static1
Behavioral task
behavioral1
Sample
5da4d140536879753010c79159a89d6d_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
5da4d140536879753010c79159a89d6d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
5da4d140536879753010c79159a89d6d_JaffaCakes118
-
Size
1.2MB
-
MD5
5da4d140536879753010c79159a89d6d
-
SHA1
fa387147d822cc4553d23e976ebd4807c87624f2
-
SHA256
3774fd88aa94d28831d3d9c4db9aaceea01e17c0b7dc6a5a734c04e56b49a822
-
SHA512
c7fe83dfa8df82997ca71ec0aa4f7d22025e06676fb27bca001f3cf6087e85e2d6e530eae253ef1b71ead2350ca1b06b4115a72cc8139a10c2f9d870e043e0aa
-
SSDEEP
24576:Gk/ATz9a6aMDNhow1D9uhlF8KULRwHX7iXQl6QCScld:XoTz9aVwJ9uhr8AHX1EQC
Score10/10-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-