General
-
Target
ab96d11e6643d675c853f83753b51c1e_JaffaCakes118
-
Size
675KB
-
Sample
241128-jtztqaxjfk
-
MD5
ab96d11e6643d675c853f83753b51c1e
-
SHA1
f388ead80109ec4f714d48e841ae9188f89b61ee
-
SHA256
d9c06711926d23d2c0b85447a75e0b5ba6af0d94afcb79cfb6915c72ada1b135
-
SHA512
d13b965dae013d6ea2d681c63450fad4c0f18cbd3afac211b84eac3064920f13d3cdd4c4476843cab463195431cb52f7eb99393a227421d8bf89d33488315c95
-
SSDEEP
12288:fTdED8z8zfnAUU2YgzPo3QL/wkZOrPm9lU9e7NYAg+q:pEuym2YgzPCQLxOrPmlU9SN5Lq
Static task
static1
Behavioral task
behavioral1
Sample
ab96d11e6643d675c853f83753b51c1e_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Ardamax family
-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-