General

  • Target

    JaffaCakes118_26fe3305a16ed5cdd8ca7eb39ba852dc

  • Size

    445KB

  • Sample

    250226-s9l28svmx2

  • MD5

    26fe3305a16ed5cdd8ca7eb39ba852dc

  • SHA1

    d44a7fc3c8a6b47f7ebc116aa97296d71fbef4d6

  • SHA256

    3852e6072c489557342589d77917434f88d6e2eb67be8220cd30010599f8a863

  • SHA512

    588a4a540779d97abe829f3cf4751058569306b7e5df17be809416db753ea48cbf4faa6f2a63cd0e29f824462c2d724c102352c6c6030f41384ed8b3991340a8

  • SSDEEP

    6144:0vzeaB4ATzm4UvoQpT0GREbLga28P+k+fuVf44XjZYWtXuYF/6zqXECBLeNHmdX:0bei4wzwvFpT0GRega3mkzz/JZeNGd

Targets

    • Target

      JaffaCakes118_26fe3305a16ed5cdd8ca7eb39ba852dc

    • Blackshades

      Blackshades is a remote access trojan with various capabilities.

    • Blackshades family

    • Blackshades payload

    • Modifies firewall policy service

    • Suspicious use of SetThreadContext
