General
-
Target
JaffaCakes118_24deb3d902c7c229bed5feb1ddc63306
-
Size
138KB
-
Sample
250124-ykdx8avpey
-
MD5
24deb3d902c7c229bed5feb1ddc63306
-
SHA1
af61d128cc3c6959dcdc2b46d0a1458e47031119
-
SHA256
16a95ed3e7c6546526bf79bd8c8986777470554736a0304e499d242a7857e266
-
SHA512
564b1ad61549d2ecdea4d1a8b84a2c03743624bc5009e3fddc1c602bac7fc301e01ce62906a25b68d5c496c6c0ace5bb8cee74cb2ac5ba685ee533079af2e236
-
SSDEEP
3072:+rMI/wBLMzKqpQujnSabibHPR09db1fDP/iUzK2yHmcnpzp:+rbIwzKqpQgn5WbvR09db1fDSIyH3np
Behavioral task
behavioral1
Sample
JaffaCakes118_24deb3d902c7c229bed5feb1ddc63306.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_24deb3d902c7c229bed5feb1ddc63306.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_24deb3d902c7c229bed5feb1ddc63306
-
Size
138KB
-
MD5
24deb3d902c7c229bed5feb1ddc63306
-
SHA1
af61d128cc3c6959dcdc2b46d0a1458e47031119
-
SHA256
16a95ed3e7c6546526bf79bd8c8986777470554736a0304e499d242a7857e266
-
SHA512
564b1ad61549d2ecdea4d1a8b84a2c03743624bc5009e3fddc1c602bac7fc301e01ce62906a25b68d5c496c6c0ace5bb8cee74cb2ac5ba685ee533079af2e236
-
SSDEEP
3072:+rMI/wBLMzKqpQujnSabibHPR09db1fDP/iUzK2yHmcnpzp:+rbIwzKqpQgn5WbvR09db1fDSIyH3np
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1