General
-
Target
JaffaCakes118_32d5b9a326b1f65b7b425e1dd2a94510
-
Size
162KB
-
Sample
250228-kgvjxaxlv4
-
MD5
32d5b9a326b1f65b7b425e1dd2a94510
-
SHA1
7041a073555b139fae9b75199f310b5c2655e60a
-
SHA256
5635ac0f0f04507f43f9ca6afd92dbcd4aff90aba7693cbc3560f4243ddaa2ba
-
SHA512
3be7f53bf482940c82365a5b2872949dbf382bb8341c27e52082818161ee03eef136b718634dd3226bc6747daedcf053a976c5474a3fcdc1ffb4141a05d39d1d
-
SSDEEP
3072:sOgpp9ARzWvkPeX+O4WylbzxUMyhdSQvdh6m8OBeETioMC:pk+RzKlXuWEbzxU5dSiPBeAiod
Malware Config
Targets
-
-
Target
JaffaCakes118_32d5b9a326b1f65b7b425e1dd2a94510
-
Size
162KB
-
MD5
32d5b9a326b1f65b7b425e1dd2a94510
-
SHA1
7041a073555b139fae9b75199f310b5c2655e60a
-
SHA256
5635ac0f0f04507f43f9ca6afd92dbcd4aff90aba7693cbc3560f4243ddaa2ba
-
SHA512
3be7f53bf482940c82365a5b2872949dbf382bb8341c27e52082818161ee03eef136b718634dd3226bc6747daedcf053a976c5474a3fcdc1ffb4141a05d39d1d
-
SSDEEP
3072:sOgpp9ARzWvkPeX+O4WylbzxUMyhdSQvdh6m8OBeETioMC:pk+RzKlXuWEbzxU5dSiPBeAiod
Score10/10-
Blackshades
Blackshades is a remote access trojan with various capabilities.
-
Blackshades family
-
Blackshades payload
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-