General
-
Target
JaffaCakes118_4a7c5314a7a469f1129f8e6ecde5883f
-
Size
152KB
-
Sample
250304-cj5hwswqt9
-
MD5
4a7c5314a7a469f1129f8e6ecde5883f
-
SHA1
dea5dbdf63cf1cc0864f11809cb074bf837cb3c3
-
SHA256
95cbe5717f3095cd9e65143222c4c8f699c9b5a739ad8aa85de49c5b180938f7
-
SHA512
5dc9545420aec72ec021f0138a8dba96338083fc6fbd2e7daeb66faa9e3d646ae6d11240ceac92555b6aab2f54ebc402c546fc0d8f92752b80f1712272178210
-
SSDEEP
3072:KBbyIjo3yxqrIM8NGAHhX7XWWXGRf5jocsGDGcRCu:KBbFT1FHhLfXGLUxhu
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_4a7c5314a7a469f1129f8e6ecde5883f.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_4a7c5314a7a469f1129f8e6ecde5883f.exe
Resource
win10v2004-20250217-en
Malware Config
Targets
-
Target
JaffaCakes118_4a7c5314a7a469f1129f8e6ecde5883f
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
Windows Service (1)