General
-
Target
be94802dec7176dedf6b914e92813873_JaffaCakes118
-
Size
1.3MB
-
Sample
240824-pkep3szckc
-
MD5
be94802dec7176dedf6b914e92813873
-
SHA1
97f8a32314ff23e2acc0f6e048f92515cb1ba8b9
-
SHA256
830eca29d89af67efdc3f38a732e37f13d9f89cdbdc7ec93dcf2220764ca1b17
-
SHA512
6f3d2ebdb7f7574d35fcb367aa11fd0e0fbc92e4594b5b6a6be93088afaca5d9bc31a8e7d80db7569150fbe97813055d4beda67fb70fa32fe136207db358f498
-
SSDEEP
24576:FZxTtPqeTsq9JaNbbLA0b4sGfmn+T2UYlfKcfNUqlQhEopCdzoH1Kwaxd7pQ:FXTxqi2Q0bkAUYlqpC2AlxRp
Static task
static1
Behavioral task
behavioral1
Sample
be94802dec7176dedf6b914e92813873_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
be94802dec7176dedf6b914e92813873_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
be94802dec7176dedf6b914e92813873_JaffaCakes118
-
Size
1.3MB
-
MD5
be94802dec7176dedf6b914e92813873
-
SHA1
97f8a32314ff23e2acc0f6e048f92515cb1ba8b9
-
SHA256
830eca29d89af67efdc3f38a732e37f13d9f89cdbdc7ec93dcf2220764ca1b17
-
SHA512
6f3d2ebdb7f7574d35fcb367aa11fd0e0fbc92e4594b5b6a6be93088afaca5d9bc31a8e7d80db7569150fbe97813055d4beda67fb70fa32fe136207db358f498
-
SSDEEP
24576:FZxTtPqeTsq9JaNbbLA0b4sGfmn+T2UYlfKcfNUqlQhEopCdzoH1Kwaxd7pQ:FXTxqi2Q0bkAUYlqpC2AlxRp
Score10/10-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-