General
-
Target
JaffaCakes118_75ae87a837841ffc7c2979023782c641
-
Size
292KB
-
Sample
250315-jq2txa1qv7
-
MD5
75ae87a837841ffc7c2979023782c641
-
SHA1
d42ee6f2d28e1d58c4a1a1d74c07a351275e680a
-
SHA256
dd32b77ffbd8a1a59caeb5c471e516bf33af527d8b0011c521e4768c0eb9108b
-
SHA512
eeda2120412a9cb7e532be4f4d415a4de8dd81fcf74d5a46d3310cd3d965f9de81fd7ce0a4b49bbb0cbcaa628ce00a2a3994438df1e77ed49f62e3ae4eabe139
-
SSDEEP
6144:gLICEjFAqnTJJdvKsdbYafrXRo2i7JXzkzKL0bEsN1qvxy4p26aS0l:gLI3jZJJKsZjjBo2i7JjkzKL0/Tgki2l
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_75ae87a837841ffc7c2979023782c641.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_75ae87a837841ffc7c2979023782c641.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
-
Target
JaffaCakes118_75ae87a837841ffc7c2979023782c641
-
Score
10/10
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-