General
Target: 77f32cf365e84e16e4f3374ebd01852e_JaffaCakes118
Size: 1.1MB
Sample: 240727-m23gcswclp
MD5: 77f32cf365e84e16e4f3374ebd01852e
SHA1: 425244a6f0cac66c66db060f78438cf64f57749c
SHA256: 570ebf829837731cdd67cbdf4735dedcece94258e8b3abe472c483008add04d4
SHA512: 84a35edf51084fd3770e55625a41eafd50643f0b36cab1da47b91daa8fd75392ae67c7bcac1fb6d5b70f1274eedbe918acbbe64711aa86cac530c075f538c607
SSDEEP: 24576:+k/ATTDEqZfmkegxv4bqKaI2I2h4Y6d1sh/hpPrSc2:foTTXuvgt2aI12hv6d1s
Static task: static1
Behavioral task: behavioral1
Sample: 77f32cf365e84e16e4f3374ebd01852e_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 77f32cf365e84e16e4f3374ebd01852e_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 77f32cf365e84e16e4f3374ebd01852e_JaffaCakes118
Score: 10/10
- Ardamax main executable
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory