General
-
Target
JaffaCakes118_10d6f33dadd2e25ea9772cdc9c3bdf64
-
Size
217KB
-
Sample
250122-y8akpsvmdm
-
MD5
10d6f33dadd2e25ea9772cdc9c3bdf64
-
SHA1
dac73b1e2c78e234ba8d851e8efee78587a701c5
-
SHA256
84beaae160f41e86812698a472fd1013a303146665d8dec44e94866749d8761b
-
SHA512
635eca55eaa2e09e7c546a13e90bdba9fa783eb25c723da6ddb6fefa6ceafdc8cac6a7d2ad80593308cbbf49e4bb5998f730a65a99157af40273d55379d52be2
-
SSDEEP
6144:en7UkW9wK4+GaXQBf05W7t2mb1IDoJlg9TdS4AvqjMEV:en7VW9/LGKQei8mhI04pSj4MO
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_10d6f33dadd2e25ea9772cdc9c3bdf64.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_10d6f33dadd2e25ea9772cdc9c3bdf64.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_10d6f33dadd2e25ea9772cdc9c3bdf64
-
Score
10/10
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-