Overview

overview

10

Static

static

3

JaffaCakes...18.exe

windows7-x64

10

JaffaCakes...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_28d6fc8d558ff68ec5938344bee52218

  • Size

    516KB

  • Sample

    250226-1vgszavqt4

  • MD5

    28d6fc8d558ff68ec5938344bee52218

  • SHA1

    cf2f30baf5dd7ddd5773b0f1aea6f702c40ff8d6

  • SHA256

    3450f30f6f56849554afc2c9274d44f1dcfd0610f7d3ce1c939f625c5ad4c519

  • SHA512

    6ce84e1b5f09bedf184b69ebc71c1119cf49fa125825ba77faffa99ac32f891246f79a7c7b8a2a8a2b13d96ebae0650dd3e02312dbb32cc7ef380a55c05ce523

  • SSDEEP

    12288:/AKW/ZEh5o490vfGS7GKBsPiEo4PIGOJpZcK5A:/wZEhBofnGK2PiEUG9K5A

Score
10/10
blackshadesdefense_evasiondiscoverypersistencerat

Malware Config

Targets

    • Target

      JaffaCakes118_28d6fc8d558ff68ec5938344bee52218

    • Size

      516KB

    • MD5

      28d6fc8d558ff68ec5938344bee52218

    • SHA1

      cf2f30baf5dd7ddd5773b0f1aea6f702c40ff8d6

    • SHA256

      3450f30f6f56849554afc2c9274d44f1dcfd0610f7d3ce1c939f625c5ad4c519

    • SHA512

      6ce84e1b5f09bedf184b69ebc71c1119cf49fa125825ba77faffa99ac32f891246f79a7c7b8a2a8a2b13d96ebae0650dd3e02312dbb32cc7ef380a55c05ce523

    • SSDEEP

      12288:/AKW/ZEh5o490vfGS7GKBsPiEo4PIGOJpZcK5A:/wZEhBofnGK2PiEUG9K5A

    Score
    10/10
    blackshadesdefense_evasiondiscoverypersistencerat

    • Blackshades

      Blackshades is a remote access trojan with various capabilities.

      ratblackshades

    • Blackshades family

      blackshades

    • Blackshades payload

    • Modifies firewall policy service

      defense_evasion

    • Adds policy Run key to start application

      persistence

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks