General

  • Target

    JaffaCakes118_4d1f7c453c890227f8a36d295aaa0a40

  • Size

    245KB

  • Sample

    250304-nr1qfsy1at

  • MD5

    4d1f7c453c890227f8a36d295aaa0a40

  • SHA1

    4c18f5d14c1a9e893854cdcadeaad81407886a20

  • SHA256

    392d3ed2962e3bdd75d6d8b2b3163cd0ac84f3c6731b282be0cd619ba3779249

  • SHA512

    b06300a508381cbe7c9008ac93e9bfe0a7d122ef37e41937ed32c2c06bec798a7af530901a355a7085f368be89a4617273a5a5d6d08aa50c95c0727df2797904

  • SSDEEP

    6144:FxeV9LbEZ9txNy72AQ5Mbay96Gf1/JjyA7W04jcznXp2:XevnEZ9vNM2J9DkDWApDXp2

Targets

    • Blackshades

      Blackshades is a remote access trojan with various capabilities.

    • Blackshades family

    • Blackshades payload

    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Adds Run key to start application
