blackshades | 356f8192676cbf3f4b1ed91fe9af0484dab3b36f7a7152eab61c4bb240e09eb9 | Triage

Sharing

General

Target

JaffaCakes118_2d220abbec85cf9f7bd72b36969880fc
Size

336KB
Sample

250125-s4tj5ayqd1
MD5

2d220abbec85cf9f7bd72b36969880fc
SHA1

58cc4a0df23b58fa4b49af74f369b9de88d346fb
SHA256

356f8192676cbf3f4b1ed91fe9af0484dab3b36f7a7152eab61c4bb240e09eb9
SHA512

d3b94e431f0e14957ca6914bb0cdffb474987429c1ed39d11d1e1b2ff7fb3cda6d29a2bd2582208fe7bf946d056362a5a7eff43f14c44bc34a031164581d05a3
SSDEEP

6144:6iu0srKxP6nVMg1FENy/V/5c6thb+lazG8j:650srcyLjN/5c6thb+lazGe

Score

10^/10

blackshades defense_evasion discovery rat

Malware Config

Targets

- Target
  
  JaffaCakes118_2d220abbec85cf9f7bd72b36969880fc
- Size
  
  336KB
- MD5
  
  2d220abbec85cf9f7bd72b36969880fc
- SHA1
  
  58cc4a0df23b58fa4b49af74f369b9de88d346fb
- SHA256
  
  356f8192676cbf3f4b1ed91fe9af0484dab3b36f7a7152eab61c4bb240e09eb9
- SHA512
  
  d3b94e431f0e14957ca6914bb0cdffb474987429c1ed39d11d1e1b2ff7fb3cda6d29a2bd2582208fe7bf946d056362a5a7eff43f14c44bc34a031164581d05a3
- SSDEEP
  
  6144:6iu0srKxP6nVMg1FENy/V/5c6thb+lazG8j:650srcyLjN/5c6thb+lazGe
Score

10^/10

defense_evasion discovery blackshades rat
- Blackshades
  Blackshades is a remote access trojan with various capabilities.
  rat blackshades
- Blackshades family
  blackshades
- Blackshades payload
- Modifies firewall policy service
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

blackshadesdefense_evasiondiscoveryrat