General
-
Target
77813515592c8eee78e0ae6ec8409a99_JaffaCakes118
-
Size
494KB
-
Sample
240727-j69vfswfjj
-
MD5
77813515592c8eee78e0ae6ec8409a99
-
SHA1
fac10c8334e8fe976b995ca518c6699a3aa216ff
-
SHA256
4374cfe4667846d44ae21aabfd03d73edd427ddc02bbdfc478dbca33867a46aa
-
SHA512
20b5a6ab846fe6974dec40f49b5c1512441ac32294e7a988ca8e6016782712ed7a4161bd98b740a2afbe91336373f0e77d9f68d115598971a7d645c4009e4df8
-
SSDEEP
12288:gGAzlGPNiFblmSCYmeWWlK7F8uhJ6KBZwZeRESxqaW:mRJFFlY7oKcEWP
Static task
static1
Behavioral task
behavioral1
Sample
77813515592c8eee78e0ae6ec8409a99_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
77813515592c8eee78e0ae6ec8409a99_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
77813515592c8eee78e0ae6ec8409a99_JaffaCakes118
-
Size
494KB
-
Score
10/10
-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-