Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_a08cb337ee4ccfc09686ccc94ff56138
-
Size
452KB
-
Sample
250205-rv4s3askej
-
MD5
a08cb337ee4ccfc09686ccc94ff56138
-
SHA1
bea928651c2f4de1db59ab94eeba60c970e41540
-
SHA256
e69427adf800b7e159974e58fe448623a7c6d256639300ed339d037cbcedeb46
-
SHA512
3126c1552c6bf779e85ed46fb938dd10fe5e8bcb9c5cfbe1190b02f6a3afb578d09eaf6c5336fba519f92561f32ce312e76cf52f0764812d7d3b1d6ab3a0a13e
-
SSDEEP
12288:APMCMagGoScmptvV+84GZKNoSF3SW2D9cZ9:APMCMaZcmpt9l4GZKrFiWGs
Malware Config
Targets
-
-
Target
JaffaCakes118_a08cb337ee4ccfc09686ccc94ff56138
-
Size
452KB
-
MD5
a08cb337ee4ccfc09686ccc94ff56138
-
SHA1
bea928651c2f4de1db59ab94eeba60c970e41540
-
SHA256
e69427adf800b7e159974e58fe448623a7c6d256639300ed339d037cbcedeb46
-
SHA512
3126c1552c6bf779e85ed46fb938dd10fe5e8bcb9c5cfbe1190b02f6a3afb578d09eaf6c5336fba519f92561f32ce312e76cf52f0764812d7d3b1d6ab3a0a13e
-
SSDEEP
12288:APMCMagGoScmptvV+84GZKNoSF3SW2D9cZ9:APMCMaZcmpt9l4GZKrFiWGs
Score10/10-
Ardamax
A keylogger first seen in 2013.
-
Ardamax family
-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-