General
-
Target
66b880f149c807971f8b49a866f10772_JaffaCakes118
-
Size
1.1MB
-
Sample
240723-jnterawckk
-
MD5
66b880f149c807971f8b49a866f10772
-
SHA1
500a8ee8bf2394029ec7273a0a403dfe40b8cea9
-
SHA256
09b25a8a66982e765f38e4db14dbc989bb5063e3faf1f058753cd56d4de7e669
-
SHA512
698954071c00135b9f9fbb67d7f7fd7fc8235a4e143b5250aed7c4f4da00091fce411cf814a080850f1a79f96e6696419cf49bb52833b67b0035e3b17085e35c
-
SSDEEP
24576:HZxTE1qnN2N6nJAK5EqIImgROciQY1gaqOvJmJZPoM:HXTWaNs2J3Eqpj0QYDjvg8
Static task
static1
Behavioral task
behavioral1
Sample
66b880f149c807971f8b49a866f10772_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
66b880f149c807971f8b49a866f10772_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
66b880f149c807971f8b49a866f10772_JaffaCakes118
-
Score
10/10
-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-