General

  • Target

    JaffaCakes118_729b6a7fc3c84cb1885b22766b400e94

  • Size

    804KB

  • Sample

    250314-axs1xaw1cs

  • MD5

    729b6a7fc3c84cb1885b22766b400e94

  • SHA1

    3932bb2733146a85b48dbb8b7cea52d8fc583005

  • SHA256

    6a1e16fa6043c8810ce7a4a8c87cd6bd3bf74eb43034b38cc936733fa6d11b04

  • SHA512

    4eeb9418e7950bdb80bf9b1ef6dee261dd064a0c94c17011ef20ae729a944ca26426bbceeff7b9d50bd27545c28dc12a0749d5113cabc73939876e9d91ae2c1a

  • SSDEEP

    12288:VdZDWEbVUrCPvlAH2RXyd5zDac+q6Tvb+HE8SHs3dv/T58krNgpbjS:VjWEfPvO2RXyd5aciTMy8N8LjS

Malware Config

Targets

    • Target

      JaffaCakes118_729b6a7fc3c84cb1885b22766b400e94

    • Blackshades

      Blackshades is a remote access trojan with various capabilities.

    • Blackshades family

    • Blackshades payload

    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks