Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4db1ffff828fba5a9fd4e301c5ccfd47_JaffaCakes118
-
Size
689KB
-
Sample
241016-ta497sxglc
-
MD5
4db1ffff828fba5a9fd4e301c5ccfd47
-
SHA1
80efde03fe55f10ce276f856e2ce9eb8c8cb3d72
-
SHA256
11e74445768e50fe8ece9fa1b32269f99000bf347624e0a1a4c6eb3e572b04e2
-
SHA512
c8863db691143918da25ea2286147b3c4e7d0c506deeb3bab0c01c9cdf75539f61bf4d9950a074c6f40d471ac200ccdd52605f08e59e797b2251856bb6075be0
-
SSDEEP
12288:Qp8jwz/7PC/VbWU5vOOmDJbnDMsDlMvybqmFhZCAXRlZGvjs/KltHNCw112qH:POwbWU9OOm9/MsDlMMhssGvQaz112Y
Malware Config
Targets
-
-
Target
4db1ffff828fba5a9fd4e301c5ccfd47_JaffaCakes118
-
Size
689KB
-
MD5
4db1ffff828fba5a9fd4e301c5ccfd47
-
SHA1
80efde03fe55f10ce276f856e2ce9eb8c8cb3d72
-
SHA256
11e74445768e50fe8ece9fa1b32269f99000bf347624e0a1a4c6eb3e572b04e2
-
SHA512
c8863db691143918da25ea2286147b3c4e7d0c506deeb3bab0c01c9cdf75539f61bf4d9950a074c6f40d471ac200ccdd52605f08e59e797b2251856bb6075be0
-
SSDEEP
12288:Qp8jwz/7PC/VbWU5vOOmDJbnDMsDlMvybqmFhZCAXRlZGvjs/KltHNCw112qH:POwbWU9OOm9/MsDlMMhssGvQaz112Y
Score10/10-
Ardamax
A keylogger first seen in 2013.
-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-