General
-
Target
JaffaCakes118_7c208fca01c68860acc59c17ba581947
-
Size
850KB
-
Sample
250202-mzw7kazqgm
-
MD5
7c208fca01c68860acc59c17ba581947
-
SHA1
186d983264057c89d6b54fbce471b1f3c972ad1f
-
SHA256
33bcad2e57bba0cde232d9938aefc803ed846eb1fac1030dc8429d99d0abcf31
-
SHA512
31961a442b6c1473494c677cebc62d5b5f26e609fb3cdbdf7460b9cb03e1dcd7481526154cc5b1f1ddf9ef071bf715398584bb58f4d0e846621aaca42afe536f
-
SSDEEP
12288:5aWzgMg7v3qnCiMErQohh0F4CCJ8lny/QiC5x602XkkoC3/3q:YaHMv6Corjqny/QC0kkkoAa
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_7c208fca01c68860acc59c17ba581947.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
JaffaCakes118_7c208fca01c68860acc59c17ba581947.exe
Resource
win10v2004-20250129-en
Malware Config
Targets
-
-
Target
JaffaCakes118_7c208fca01c68860acc59c17ba581947
-
Size
850KB
-
MD5
7c208fca01c68860acc59c17ba581947
-
SHA1
186d983264057c89d6b54fbce471b1f3c972ad1f
-
SHA256
33bcad2e57bba0cde232d9938aefc803ed846eb1fac1030dc8429d99d0abcf31
-
SHA512
31961a442b6c1473494c677cebc62d5b5f26e609fb3cdbdf7460b9cb03e1dcd7481526154cc5b1f1ddf9ef071bf715398584bb58f4d0e846621aaca42afe536f
-
SSDEEP
12288:5aWzgMg7v3qnCiMErQohh0F4CCJ8lny/QiC5x602XkkoC3/3q:YaHMv6Corjqny/QC0kkkoAa
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Defense Evasion
Impair Defenses
1Disable or Modify System Firewall
1Modify Registry
4