General

  • Target

    bb30e803849068c644c9d90c475b63b9_JaffaCakes118

  • Size

    1.2MB

  • Sample

    241203-cbtrestng1

  • MD5

    bb30e803849068c644c9d90c475b63b9

  • SHA1

    02a176ab43a351b9ba2dc19cd7eb3b5522a0881f

  • SHA256

    99e10e5b9cb36d1c54816ef6ce4359663b47c110a194d3498f23deb53916ca0d

  • SHA512

    975a4acba9dd7a9be484081c2b628d537ef0ff5020ac8607629ebf81733fb22149e1d757a9b2f7ed01b11f41884b4998516afd839224966e99b831ce39f0ba0f

  • SSDEEP

    24576:x2iFgTlNy7voh3LWS3+4PZu8te4XNUTAkssZEgY7PkZ7yzVXL9LtnWU:x2iGTlNy8RLZ/PZ9tyUQZiPkZmzNLnnz

Malware Config

Targets

    • Target

      Install.exe

    • Size

      1.1MB

    • MD5

      ade23339d6c324d78c73ffc160db7095

    • SHA1

      5bb57a3e4fa5f89987de193069e613684d20c17c

    • SHA256

      4e4e83cec2a9816b3aa530d8f6cc58ba7433dd437265fcc67b0925859b295732

    • SHA512

      b7615ab01b1bec22fa0e488b50287cfe0d8f698bd8f83823825a2740421baf0359773d9d3b622f4f2e4bc4c8c04da6a6faf9dd65e6539416ef98c91e83480399

    • SSDEEP

      24576:MSE1TN+ewFToPILS5Jh6iUkieaaUpTRksTBqyI7PWZcygx0r9Mt6g:MSYTTwywLWD6ivirtnBqPWZzgWr06

    • Ardamax

      A keylogger first seen in 2013.

    • Ardamax family

    • Ardamax main executable

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check before the payload runs.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

    • Target

      xFire.exe

    • Size

      536KB

    • MD5

      34bf62f4c02887b3cd14a9c544453b3c

    • SHA1

      4f7e75966250feb111f6eef46f1430b0d7215443

    • SHA256

      75a80f7c5069cd46ff67a5a3806ed8ba81a83cbeab3d7b3db02cd4101d693888

    • SHA512

      2ac97e52cf388b44a3311b5f130c3188684a05db8ed4ad3eedb7d3758b2ccd5ff2f083c2d18332076b9a3b92abc5ac1e3bacc372f2abd8041a76aff605952279

    • SSDEEP

      3072:7BxC6V1Lp4YMoMq4DQUC7pCslWg6BcafQf1WiFozuhs+BvvP+sBfcRFa5Ku//Ko1:7PJBNPfgKOiK4Kr9Ss3sPC

    Score
    3/10
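The behaviours flagged above (Run-key persistence, the country-code lookup, Uninstall-key enumeration, use of dropped EXE/DLL files, a drop into System32, file deletion) are what a sandbox derives by replaying the sample's API trace against signature rules. The Python below is an added example written for this page, not Triage's signature engine and not the report's own task log: it parses a small constructed trace (tab-separated pid, operation, path, detail; the process and file names in it are made up) and maps each event to the signature names used in the report. The registry paths it keys on (CurrentVersion\Run for persistence, Control Panel\International\Geo for the country-code lookup, CurrentVersion\Uninstall for installed-software enumeration) are assumptions about what those signatures check, not facts taken from the report.

```python
"""Replay a sandbox-style API trace against the behavioural signatures listed
in the report.  Example code for this page; the trace format, the registry
paths and the sample events are all assumptions, not Triage's rules."""
import re
from collections import defaultdict
from typing import Dict, List, Tuple

# Constructed trace: pid<TAB>operation<TAB>path<TAB>detail (detail may be empty).
# File and process names are invented to exercise each rule once.
TRACE = """\
1412\tWriteFile\tC:\\Windows\\System32\\xFire.exe\t
1412\tWriteFile\tC:\\Windows\\System32\\xfhook.dll\t
1412\tRegQueryValue\tHKCU\\Control Panel\\International\\Geo\\Nation\t244
1412\tRegEnumKey\tHKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\t
1412\tRegSetValue\tHKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\xFire\tC:\\Windows\\System32\\xFire.exe
1412\tCreateProcess\tC:\\Windows\\System32\\xFire.exe\t
2208\tLoadLibrary\tC:\\Windows\\System32\\xfhook.dll\t
1412\tDeleteFile\tC:\\Users\\admin\\AppData\\Local\\Temp\\Install.exe\t
3000\tRegQueryValue\tHKCU\\Software\\Classes\\.txt\t
"""

# Assumed registry locations behind each signature (case-insensitive).
REG_RUN = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.I)
REG_GEO = re.compile(r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.I)
REG_UNINSTALL = re.compile(r"\\CurrentVersion\\Uninstall(\\|$)", re.I)
SYSTEM32 = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)
EXEC_LIKE = re.compile(r"\.(exe|dll)$", re.I)


def parse(trace: str) -> List[Tuple[str, str, str, str]]:
    """Split the trace into (pid, op, path, detail) tuples, padding short lines."""
    events = []
    for line in trace.splitlines():
        if not line.strip():
            continue
        parts = line.split("\t")
        parts += [""] * (4 - len(parts))
        events.append(tuple(parts[:4]))
    return events


def scan(trace: str) -> Dict[str, List[str]]:
    """Return {signature name: [evidence, ...]} for every rule the trace triggers.

    Files written earlier in the trace form the 'dropped' set, so executing,
    loading or deleting one of them is what makes the dropped-file rules fire.
    """
    hits: Dict[str, List[str]] = defaultdict(list)
    dropped = set()
    for pid, op, path, detail in parse(trace):
        key = path.lower()
        if op == "WriteFile":
            dropped.add(key)
            if SYSTEM32.match(path):
                hits["Drops file in System32 directory"].append(path)
        elif op == "RegSetValue" and REG_RUN.search(path):
            hits["Adds Run key to start application"].append(f"{path} = {detail}")
        elif op == "RegQueryValue" and REG_GEO.search(path):
            hits["Checks computer location settings"].append(f"{path} -> {detail}")
        elif op in ("RegEnumKey", "RegQueryValue") and REG_UNINSTALL.search(path):
            hits["Checks installed software on the system"].append(path)
        elif op == "CreateProcess" and key in dropped:
            hits["Executes dropped EXE"].append(path)
        elif op == "LoadLibrary" and key in dropped:
            hits["Loads dropped DLL"].append(path)
        elif op == "DeleteFile" and (key in dropped or EXEC_LIKE.search(path)):
            # Heuristic: deleting a dropped file or any executable counts as cleanup.
            hits["Indicator Removal: File Deletion"].append(path)
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in scan(TRACE).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

The ordering matters: the dropped-file rules only work because WriteFile events are recorded before the CreateProcess/LoadLibrary/DeleteFile events that reference them, which is also why a real trace has to be replayed in timestamp order rather than grouped by operation.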

MITRE ATT&CK Enterprise v15

Tasks
