General
Target: ac9a385ed349751e547ee50af45aa349_JaffaCakes118
Size: 599KB
Sample: 241128-rjc6zawjar
MD5: ac9a385ed349751e547ee50af45aa349
SHA1: 36396fe242269825f3ad73f0254bc542ec71fc95
SHA256: df960a52ca77f69ceded3d6767a7d99cfcb96678a975179ba149a935124345d4
SHA512: ebb500f3c7b11a9cd795488ee8100e6076eeeedad13d282d9bce162fe21e40d3bd0407cdf8bb1b88d6360727db40526d72c7d45785aaa41ddebe8187e32aea66
SSDEEP: 12288:IuPZTkZz7IaD2IbjUTOSm4l0Ht1D1ViKCeKR7FXwdLGP2O9N3:IoZS7IaDffUT5m4l0Ht1DjjKPRPnN3
Static task: static1
Behavioral task: behavioral1
Sample: Install.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: Install.exe
Size: 623KB
MD5: a6a6d117db896ef94a55b8447f042287
SHA1: 3054359e47098a2486cabd3497651e097a416fdc
SHA256: e13df26ff6cec13b9214d5913866a97f92b12993453452040239a8503c5ebd2a
SHA512: 057279dada7162565d9dd72c0e1be121b9aa97f753f9eccc5e20381c599b43fc35b746b2c549c46341396449e79ed36dbee40264b977065f72ba7943fd6ec8cb
SSDEEP: 12288:2EE2KG1pyiwMW8MVzoAbSvK4QL9QSnDE5R691w6MIAtaAnWkgeCb3bEn2zBPpnsc:C2VjwMqVzEC4cE5Raw6MIAEAWkNCg8gc
Ardamax family
Ardamax main executable
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory