blackshades | b2e9c4be09854c63d429a1ba0b461076aecd0356a642151b2ef54b426161e8ee | Triage

Submit
Reports

Overview

overview

Static

static

5

JaffaCakes...41.exe

windows7-x64

JaffaCakes...41.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_4026bf5e8a2564dad95349ed36382441
Size

229KB
Sample

250302-pehvjstyfw
MD5

4026bf5e8a2564dad95349ed36382441
SHA1

81b870ece00b1b94d939dae73ee5477f37dfef50
SHA256

b2e9c4be09854c63d429a1ba0b461076aecd0356a642151b2ef54b426161e8ee
SHA512

35eeb5add896790b0d2dac2f465f9df01ab87e5c53fc2d6e6890317b6c3370e62b3fd1f7906d4b6bd789186d602d4e2af867a5e918865d8169a38da3cc3d75f3
SSDEEP

6144:t1Y4TZg8ZH+U0hj19NxECzYBKn1Y4TZg8ZH+U0hj19NxECzYBK:tCU+oV0hHNGpBKnCU+oV0hHNGpBK

Score

10^/10

blackshades defense_evasion discovery rat upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_4026bf5e8a2564dad95349ed36382441.exe

Resource

win7-20240903-en

blackshades defense_evasion discovery rat upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_4026bf5e8a2564dad95349ed36382441.exe

Resource

win10v2004-20250217-en

blackshades defense_evasion discovery rat upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_4026bf5e8a2564dad95349ed36382441
- Size
  
  229KB
- MD5
  
  4026bf5e8a2564dad95349ed36382441
- SHA1
  
  81b870ece00b1b94d939dae73ee5477f37dfef50
- SHA256
  
  b2e9c4be09854c63d429a1ba0b461076aecd0356a642151b2ef54b426161e8ee
- SHA512
  
  35eeb5add896790b0d2dac2f465f9df01ab87e5c53fc2d6e6890317b6c3370e62b3fd1f7906d4b6bd789186d602d4e2af867a5e918865d8169a38da3cc3d75f3
- SSDEEP
  
  6144:t1Y4TZg8ZH+U0hj19NxECzYBKn1Y4TZg8ZH+U0hj19NxECzYBK:tCU+oV0hHNGpBKnCU+oV0hHNGpBK
Score

10^/10

blackshades defense_evasion discovery rat upx
- Blackshades
  Blackshades is a remote access trojan with various capabilities.
  rat blackshades
- Blackshades family
  blackshades
- Blackshades payload
- Modifies firewall policy service
  defense_evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackshadesdefense_evasiondiscoveryratupx

behavioral2

blackshadesdefense_evasiondiscoveryratupx

© 2018-2025

Terms | Privacy