General
-
Target
JaffaCakes118_18e46aa49e5a845630ee285803513982
-
Size
346KB
-
Sample
250123-tmkrbsvndt
-
MD5
18e46aa49e5a845630ee285803513982
-
SHA1
46028820334a95cb150e8b42c5cae11d789e822d
-
SHA256
d3a9134fe93b1cb6cd6a9591a9d8b59b18ccdf3123fe39d9dc3df16526063f2b
-
SHA512
96acc14503ee18eba8e086a9901bf0c01b555a280d5ca2ba211f9e63b5794c4e065bd1e1323fae80db34ced94d5ee46a318d87da1c33a6b004ab6f6b6276f623
-
SSDEEP
6144:bpt8O8KrNaGBqW4RMqPKk9IV6AWszAqS8gPCvkZ6KTiMOa5n1:T8OT8WwMLoIBkt8gaMEKOMRL
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_18e46aa49e5a845630ee285803513982.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_18e46aa49e5a845630ee285803513982.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_18e46aa49e5a845630ee285803513982
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
Windows Service (1)