ardamax | 207380fbc12ac3c9bd75ae48693ccfae68d00783dd4299152b425828ecfc98a0 | Triage

Submit
Reports

Overview

overview

Static

static

3

733cc93422...18.exe

windows7-x64

733cc93422...18.exe

windows10-2004-x64

Sharing

General

Target

733cc93422d62025264bc2fe1803e4bd_JaffaCakes118
Size

417KB
Sample

240726-j2brvszcje
MD5

733cc93422d62025264bc2fe1803e4bd
SHA1

ca4a24ac49c4a51a03b24db079f8571e1e3c851b
SHA256

207380fbc12ac3c9bd75ae48693ccfae68d00783dd4299152b425828ecfc98a0
SHA512

5d8fa520ecd2a29421e57d30559ca884ef76a8210f0112635b01991f0d74dc234e3f99ce4dc056a5f3da1a21a5f435ebe4f7296ab50616f6b5e73516cc26dc54
SSDEEP

12288:l8U9JQTWc+VXZXcTZd05Xwgr2PS5umZsEzV7x:lJQTWcmZGZd05YRmZTF

Score

10^/10

ardamax discovery keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

733cc93422d62025264bc2fe1803e4bd_JaffaCakes118.exe

Resource

win7-20240704-en

ardamax discovery keylogger stealer

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

733cc93422d62025264bc2fe1803e4bd_JaffaCakes118.exe

Resource

win10v2004-20240709-en

ardamax discovery keylogger stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  733cc93422d62025264bc2fe1803e4bd_JaffaCakes118
- Size
  
  417KB
- MD5
  
  733cc93422d62025264bc2fe1803e4bd
- SHA1
  
  ca4a24ac49c4a51a03b24db079f8571e1e3c851b
- SHA256
  
  207380fbc12ac3c9bd75ae48693ccfae68d00783dd4299152b425828ecfc98a0
- SHA512
  
  5d8fa520ecd2a29421e57d30559ca884ef76a8210f0112635b01991f0d74dc234e3f99ce4dc056a5f3da1a21a5f435ebe4f7296ab50616f6b5e73516cc26dc54
- SSDEEP
  
  12288:l8U9JQTWc+VXZXcTZd05Xwgr2PS5umZsEzV7x:lJQTWcmZGZd05YRmZTF
Score

10^/10

ardamax discovery keylogger stealer
- Ardamax
  A keylogger first seen in 2013.
  keylogger stealer ardamax
- Ardamax main executable
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ardamaxdiscoverykeyloggerstealer

behavioral2

ardamaxdiscoverykeyloggerstealer

© 2018-2025

Terms | Privacy