blackshades | dbb0e8a33e31d80a17cb59a73d10cd46078e8ce90ad31731df06ba5072a3a78e | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...5e.exe

windows7-x64

JaffaCakes...5e.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_ac227073fc762a753a4f0d54a672015e
Size

439KB
Sample

250206-rmgcssxkgx
MD5

ac227073fc762a753a4f0d54a672015e
SHA1

6d40e0f219184b91a2ba9d7c2063528ab18e69d9
SHA256

dbb0e8a33e31d80a17cb59a73d10cd46078e8ce90ad31731df06ba5072a3a78e
SHA512

9f94d4060f533d6203dd8f35f76d4900aefa34cd77798f9421416294b5b8a74b15141a46c74dcbdcda434fdb6f14d1ec1eef15ded6e44c0eb342effbb27c0384
SSDEEP

12288:p1bvHj81SuPP8VBxGLQ5ADAm0sspCpBVzYKj86s2I:pZPjZuPP8VTMcm9eC7pYO8

Score

10^/10

blackshades bootkit discovery persistence rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_ac227073fc762a753a4f0d54a672015e.exe

Resource

win7-20240903-en

blackshades bootkit discovery persistence rat

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_ac227073fc762a753a4f0d54a672015e.exe

Resource

win10v2004-20250129-en

blackshades discovery rat

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_ac227073fc762a753a4f0d54a672015e
- Size
  
  439KB
- MD5
  
  ac227073fc762a753a4f0d54a672015e
- SHA1
  
  6d40e0f219184b91a2ba9d7c2063528ab18e69d9
- SHA256
  
  dbb0e8a33e31d80a17cb59a73d10cd46078e8ce90ad31731df06ba5072a3a78e
- SHA512
  
  9f94d4060f533d6203dd8f35f76d4900aefa34cd77798f9421416294b5b8a74b15141a46c74dcbdcda434fdb6f14d1ec1eef15ded6e44c0eb342effbb27c0384
- SSDEEP
  
  12288:p1bvHj81SuPP8VBxGLQ5ADAm0sspCpBVzYKj86s2I:pZPjZuPP8VTMcm9eC7pYO8
Score

10^/10

blackshades bootkit discovery persistence rat
- Blackshades
  Blackshades is a remote access trojan with various capabilities.
  rat blackshades
- Blackshades family
  blackshades
- Blackshades payload
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackshadesbootkitdiscoverypersistencerat

behavioral2

blackshadesdiscoveryrat

© 2018-2025

Terms | Privacy