General
-
Target
d6ef4db21304e0b564bda8d86520d9fe_JaffaCakes118
-
Size
1.1MB
-
Sample
240909-xw9ctsxbja
-
MD5
d6ef4db21304e0b564bda8d86520d9fe
-
SHA1
3eee507a3763d9c6b630118ec8a2fbc44fe70999
-
SHA256
784a214746c7e36ef35550f2a70b9909364656d2e42f74a4629018e9dbc8005f
-
SHA512
d77a92a2d8ea6d9c2994ff3f8dfa5d04a75d9da62debd5b52ffc5edaa5827113afd9afd99867891a567727e8771deea98b2ca4f33329e8fcbc779be6563682ca
-
SSDEEP
24576:zZxTeWkPIKFO1qfkh9MnkuS29P/mvKV+lz+3rS+WiLIhEpJUaOZ9x:zXTeWxKFJ69LXo+6+lzCrtWic+g
Static task
static1
Behavioral task
behavioral1
Sample
d6ef4db21304e0b564bda8d86520d9fe_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d6ef4db21304e0b564bda8d86520d9fe_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d6ef4db21304e0b564bda8d86520d9fe_JaffaCakes118
-
Size
1.1MB
-
MD5
d6ef4db21304e0b564bda8d86520d9fe
-
SHA1
3eee507a3763d9c6b630118ec8a2fbc44fe70999
-
SHA256
784a214746c7e36ef35550f2a70b9909364656d2e42f74a4629018e9dbc8005f
-
SHA512
d77a92a2d8ea6d9c2994ff3f8dfa5d04a75d9da62debd5b52ffc5edaa5827113afd9afd99867891a567727e8771deea98b2ca4f33329e8fcbc779be6563682ca
-
SSDEEP
24576:zZxTeWkPIKFO1qfkh9MnkuS29P/mvKV+lz+3rS+WiLIhEpJUaOZ9x:zXTeWxKFJ69LXo+6+lzCrtWic+g
Score10/10-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-