General
Target: JaffaCakes118_4d1f7c453c890227f8a36d295aaa0a40
Size: 245KB
Sample: 250304-nr1qfsy1at
MD5: 4d1f7c453c890227f8a36d295aaa0a40
SHA1: 4c18f5d14c1a9e893854cdcadeaad81407886a20
SHA256: 392d3ed2962e3bdd75d6d8b2b3163cd0ac84f3c6731b282be0cd619ba3779249
SHA512: b06300a508381cbe7c9008ac93e9bfe0a7d122ef37e41937ed32c2c06bec798a7af530901a355a7085f368be89a4617273a5a5d6d08aa50c95c0727df2797904
SSDEEP: 6144:FxeV9LbEZ9txNy72AQ5Mbay96Gf1/JjyA7W04jcznXp2:XevnEZ9vNM2J9DkDWApDXp2
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_4d1f7c453c890227f8a36d295aaa0a40.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_4d1f7c453c890227f8a36d295aaa0a40.exe
Resource: win10v2004-20250217-en
Malware Config
Targets
Target: JaffaCakes118_4d1f7c453c890227f8a36d295aaa0a40
- Blackshades family
- Blackshades payload
- Modifies firewall policy service
- Adds policy Run key to start application
- Boot or Logon Autostart Execution: Active Setup. Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (3)
    Active Setup (1)
    Registry Run Keys / Startup Folder (2)
  Create or Modify System Process (1)
    Windows Service (1)
Privilege Escalation
  Boot or Logon Autostart Execution (3)
    Active Setup (1)
    Registry Run Keys / Startup Folder (2)
  Create or Modify System Process (1)
    Windows Service (1)