General

  • Target

    3d4abfa90c621d3726e8f5593c52020a_JaffaCakes118

  • Size

    1.6MB

  • Sample

    241013-cx6m4syemq

  • MD5

    3d4abfa90c621d3726e8f5593c52020a

  • SHA1

    15bda26ef77264a1e3e65450a09410bcb3f71899

  • SHA256

    913715e56ec7145f019b09858d7cbf0530a49a1b7e87daae589dbf887f8e304e

  • SHA512

    62f030e9398a8d3cbfbc2c877725b5a9c79cf20fb84df31225a287f5c064daa1061f7ef77732f924cba92c6fd291fbacb1cdd1c8a3b344f1243315dbd0e9d57f

  • SSDEEP

    24576:TbPTelA95idLapveRf+Z1W3o7MQOFqD4LdbqPuiIEnkA2lssK966MlPThPr5GeQx:T7TXdWRk15iW4hGPuZEkHs9atUF

Targets

    • Ardamax

      A keylogger first seen in 2013.

    • Ardamax main executable

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory
