General
-
Target
d2a037d4ada7c779c2dabc33d4c08dcb_JaffaCakes118
-
Size
1.1MB
-
Sample
240907-xme3ma1hmf
-
MD5
d2a037d4ada7c779c2dabc33d4c08dcb
-
SHA1
fd92cd6c9a848c2fd86534f4b5e75bde38bf5a5f
-
SHA256
fb74086c0c47afc910240f61a4dffc3046fc7903839be2bedfc0f11521836510
-
SHA512
53da042682a290caca72c316f32834ca90e65189b99d2ba782f6110439b1e9599bc8e4d21116c5ea0711d0f7b747aaa12799016548f90a3ca88c3af5e9f035e3
-
SSDEEP
24576:tZxTW/T3pahAtbpmjZ3O2chHBeDKcXDFQTs4+tPfJqhs:tXTMtuAtbcdQBcdXis4+Tqh
Static task
static1
Behavioral task
behavioral1
Sample
d2a037d4ada7c779c2dabc33d4c08dcb_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d2a037d4ada7c779c2dabc33d4c08dcb_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
d2a037d4ada7c779c2dabc33d4c08dcb_JaffaCakes118
-
Score
10/10
-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-