General
-
Target
JaffaCakes118_7fccbe64ede5d90dd4b6c0f0459f6a8f
-
Size
360KB
-
Sample
250202-xjwafawrbm
-
MD5
7fccbe64ede5d90dd4b6c0f0459f6a8f
-
SHA1
1f3b2bf7f19c130c7a49b8944ff11e1f2a4b1b08
-
SHA256
05dfdfd9d2a590ace577febbb76a1039f766596c72e0c6450772566f49359480
-
SHA512
9e6e8265d385c5d675fc4d5e6bcbcf02fea183f98b149923744562c5578cbaa72c0acb8c1a4dc4baa80e475c54994c8c03fe2ea8cb9a30016132f1ac7e19061d
-
SSDEEP
6144:K9IzIbz3RT9eg/5R2MaMCorVUnp6f4GbB0C13uSQrwc0cBLBsK5p09YDH2lSXyH:KSYREg2VMCK0p6fBiC13bQrNbs+p09OQ
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_7fccbe64ede5d90dd4b6c0f0459f6a8f.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_7fccbe64ede5d90dd4b6c0f0459f6a8f.exe
Resource
win10v2004-20250129-en
Malware Config
Targets
-
Target
JaffaCakes118_7fccbe64ede5d90dd4b6c0f0459f6a8f
-
Score
10/10
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Drops startup file
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-