General
-
Target
JaffaCakes118_e67dc58e2a1221cc1ca02c4033f3f536
-
Size
531KB
-
Sample
250211-p2s9ss1ndk
-
MD5
e67dc58e2a1221cc1ca02c4033f3f536
-
SHA1
d4d7ddc1d2df64deb5887104aaa07ee803b0c42f
-
SHA256
0034adaefa4ec8ad384b72e4d5d0766c49f3aabe94d06c3309b0b1618729a06f
-
SHA512
ecd88832935e027fb2fb9d3047ed3c76a190e5d7364007a4f7b6f4c7f315898bed2b456cd8b4ae1d2fe2cf74ceff65266337c902f50599eb08a0db95a8ae0616
-
SSDEEP
12288:9mucTg1VKdxsxgw6eufZfg55YZ0a7H1AxyQsZL:gu4Sgxs6w6eqo/s9hAxyDZL
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_e67dc58e2a1221cc1ca02c4033f3f536.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_e67dc58e2a1221cc1ca02c4033f3f536.exe
Resource
win10v2004-20250207-en
Malware Config
Targets
-
Target
JaffaCakes118_e67dc58e2a1221cc1ca02c4033f3f536
-
Score
10/10
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Downloads MZ/PE file
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-