General
-
Target
7c6b964a64bc3b10c0742e91a532956a_JaffaCakes118
-
Size
1.2MB
-
Sample
240731-pr17natbkq
-
MD5
7c6b964a64bc3b10c0742e91a532956a
-
SHA1
2aec930840313fc212c67f5e273a8994750d1621
-
SHA256
053c841416a4b01de15f3fed10e02b2255b565655bac90c704f3ab7eae386f59
-
SHA512
e774d844d722b0239b202bc048b48ddb611bf288389999d09c4838fc84e84046a061c1d0b70e4c47d2744ba9ac7a172caef606087b235030354e72dd9602adc9
-
SSDEEP
24576:BZxTi3uWFLEIjnCWtB6q1tzdlRgOqDxXq7jUr46Hjw1pBxO2I3UTKIOHQpj:BXTittEIjd/51Dl+dVXq7AHjw1/NIpV
Static task
static1
Behavioral task
behavioral1
Sample
7c6b964a64bc3b10c0742e91a532956a_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
7c6b964a64bc3b10c0742e91a532956a_JaffaCakes118.exe
Resource
win10v2004-20240730-en
Malware Config
Targets
-
Target
7c6b964a64bc3b10c0742e91a532956a_JaffaCakes118
-
Score
10/10
-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-