General

  • Target

    b6f3cac20cd2ab6fb2e27002c4121118_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240822-j6zdqazemr

  • MD5

    b6f3cac20cd2ab6fb2e27002c4121118

  • SHA1

    4c0bab32c1592a215c8801099491376d1e995a05

  • SHA256

    e6b016288e1079ff132d921bcf129ad63907ef5b66fa01ecdd9256329d830580

  • SHA512

    6bd222241cc3e6d72c3af38175d998c6f5560e9a0dd8a7954052db18b34bf586f6d5bc7eb1256809d4bc1fc836ccc98e84df87a79d9f007686d2b034cff9a97c

  • SSDEEP

    24576:z3LJTpVb556hNSE+3NuXHmGQeqGT+UVTXs3RHO1+fapSwRGudguVZXpwNpb2g6X:z3tTnbHONpHmufdXshOCwRGZuV/Wb36

Malware Config

Targets

    • Target

      b6f3cac20cd2ab6fb2e27002c4121118_JaffaCakes118

    • Ardamax

      A keylogger first seen in 2013.

    • Ardamax main executable

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks
