General

  • Target

    JaffaCakes118_4567ad70912be4ead2fbded484387afb

  • Size

    251KB

  • Sample

    250128-bpjypsskew

  • MD5

    4567ad70912be4ead2fbded484387afb

  • SHA1

    4482b29b4d805652eb663e2afae5a98f206bce36

  • SHA256

    608e626d6bcc242dab060d2f4030f6915a9c47a35c9a4efee10b56f5af79b202

  • SHA512

    db5a3986fcc5d954f2f6eadfde999d3c3dce57f1228acb2123eff4e2b6e282aebb6aa48d3bb72b025656c757754c34e76d8c09e39e29f45d345f137d2fff9614

  • SSDEEP

    3072:7rD8NGeamLEy+wJ3Nydgh76OBVJC3453oroXgvc+52VmRMJg4szGgslZ7WEKYiel:7rAjHNodG76Of+23oUXggBLs9j1xZo

Malware Config

Targets

    • Blackshades

      Blackshades is a remote access trojan with various capabilities.

    • Blackshades family

    • Blackshades payload

    • Modifies firewall policy service

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks