General

  • Target

    JaffaCakes118_75ae87a837841ffc7c2979023782c641

  • Size

    292KB

  • Sample

    250315-jq2txa1qv7

  • MD5

    75ae87a837841ffc7c2979023782c641

  • SHA1

    d42ee6f2d28e1d58c4a1a1d74c07a351275e680a

  • SHA256

    dd32b77ffbd8a1a59caeb5c471e516bf33af527d8b0011c521e4768c0eb9108b

  • SHA512

    eeda2120412a9cb7e532be4f4d415a4de8dd81fcf74d5a46d3310cd3d965f9de81fd7ce0a4b49bbb0cbcaa628ce00a2a3994438df1e77ed49f62e3ae4eabe139

  • SSDEEP

    6144:gLICEjFAqnTJJdvKsdbYafrXRo2i7JXzkzKL0bEsN1qvxy4p26aS0l:gLI3jZJJKsZjjBo2i7JjkzKL0/Tgki2l

Targets

    • Blackshades

      Blackshades is a remote access trojan with various capabilities.

    • Blackshades family

    • Blackshades payload

    • Modifies firewall policy service

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
