General
-
Target
JaffaCakes118_49b5cdcd1470735a53ccdb329a22d0fc
-
Size
764KB
-
Sample
250303-3ahkwaspz2
-
MD5
49b5cdcd1470735a53ccdb329a22d0fc
-
SHA1
d42de99e98ec98ee9dd36ef77801417a3f0cd8ae
-
SHA256
450f8782023b25154df0402ddfa8a13535988873618a7311e4c8609752c6cc36
-
SHA512
37bb2c5bcb5af35df553c9a9d89728dabcce085516e6e8a17d206f918c917252b374dee85598aa20e9d855dc13735f8191f79dcb691aa30a284adf4db2ffb87f
-
SSDEEP
12288:SNre4BlkwDX5fZ8YW0YfYaYgf7WX8Y9pqJ71GHYR9ID3c8wk08BbBMgdueLkbGyt:T4Pz5olWSJI69uggdyPt
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_49b5cdcd1470735a53ccdb329a22d0fc.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_49b5cdcd1470735a53ccdb329a22d0fc.exe
Resource
win10v2004-20250217-en
Malware Config
Targets
-
Target
JaffaCakes118_49b5cdcd1470735a53ccdb329a22d0fc
-
Score
10/10
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Drops startup file
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-