General
-
Target
2621111710e0b9a2cb46c69be7af6854_JaffaCakes118
-
Size
622KB
-
Sample
241008-1y7hsswalh
-
MD5
2621111710e0b9a2cb46c69be7af6854
-
SHA1
7dc4c7ef5122e8ba1f42b77ea9891e102e53df32
-
SHA256
c11c5c083b2585701fd3aba7908579684e5dd5777b7f6aa0ee2f4d513edff00e
-
SHA512
dd700a1c294373a93a1458e635c3f8c5dcd8a204f5552ec0a6677afb15f9238aa13bbc68a851992c1fb07ea571a398adfcabe21374c42d07c5f642a13317ef1e
-
SSDEEP
12288:Z9uKKaBxbyHDmxwtqeRYlnkWsp3eWfB4kEsx93LTRtbMVoXqyeN2gC:iKpr1yt7RYFLsp3fEuHRNXqy43C
Static task
static1
Behavioral task
behavioral1
Sample
2621111710e0b9a2cb46c69be7af6854_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2621111710e0b9a2cb46c69be7af6854_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2621111710e0b9a2cb46c69be7af6854_JaffaCakes118
-
Size
622KB
-
MD5
2621111710e0b9a2cb46c69be7af6854
-
SHA1
7dc4c7ef5122e8ba1f42b77ea9891e102e53df32
-
SHA256
c11c5c083b2585701fd3aba7908579684e5dd5777b7f6aa0ee2f4d513edff00e
-
SHA512
dd700a1c294373a93a1458e635c3f8c5dcd8a204f5552ec0a6677afb15f9238aa13bbc68a851992c1fb07ea571a398adfcabe21374c42d07c5f642a13317ef1e
-
SSDEEP
12288:Z9uKKaBxbyHDmxwtqeRYlnkWsp3eWfB4kEsx93LTRtbMVoXqyeN2gC:iKpr1yt7RYFLsp3fEuHRNXqy43C
Score10/10-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-