Overview

overview

10

Static

static

3

JaffaCakes...b7.exe

windows7-x64

10

JaffaCakes...b7.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_a3e4d2bb2ba32428384839bb95328cb7

  • Size

    140KB

  • Sample

    250205-1a4f8svlhn

  • MD5

    a3e4d2bb2ba32428384839bb95328cb7

  • SHA1

    d35db8eeae2da93ecc21ca0c63e5c1ee1336c51d

  • SHA256

    ac52018b88643cdcf2e7f0bd07c3e4043454a6b5b665f7ab4144281dc2dd27d5

  • SHA512

    72f32cd1939c7f259434d4a4e0f658babc4c097633281ec6e110e3560d51097b8f72b65c440673cbe3509dd1269e0facaeb45f868e0b1da33f95c51371a0b861

  • SSDEEP

    3072:67uG39Vk4ML6h2F9CbcajLhVRNWgxqqgvepvCE5p+7m:zG3Hxhw0NhVRNWgxJgvGCE506

Score
10/10
ardamaxdiscoverykeyloggerstealer

Malware Config

Targets

    • Target

      JaffaCakes118_a3e4d2bb2ba32428384839bb95328cb7

    • Size

      140KB

    • MD5

      a3e4d2bb2ba32428384839bb95328cb7

    • SHA1

      d35db8eeae2da93ecc21ca0c63e5c1ee1336c51d

    • SHA256

      ac52018b88643cdcf2e7f0bd07c3e4043454a6b5b665f7ab4144281dc2dd27d5

    • SHA512

      72f32cd1939c7f259434d4a4e0f658babc4c097633281ec6e110e3560d51097b8f72b65c440673cbe3509dd1269e0facaeb45f868e0b1da33f95c51371a0b861

    • SSDEEP

      3072:67uG39Vk4ML6h2F9CbcajLhVRNWgxqqgvepvCE5p+7m:zG3Hxhw0NhVRNWgxJgvGCE506

    Score
    10/10
    ardamaxdiscoverykeyloggerstealer

    • Ardamax

      A keylogger first seen in 2013.

      keyloggerstealerardamax

    • Ardamax family

      ardamax

    • Ardamax main executable

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks