General
-
Target
JaffaCakes118_77f07130a1a1e139d38098a08eb60ca6
-
Size
413KB
-
Sample
250315-z1vrcaxls2
-
MD5
77f07130a1a1e139d38098a08eb60ca6
-
SHA1
b4d023b269997d5fde4ed57062ba0ac015b842d7
-
SHA256
43c403672569210009fecc53485fc708f8abb3b22dc0c87cf41885c566b84698
-
SHA512
d0d11bbb45b79dd45e1fced8ec2d12210d67d0175cc3f0514a85b70243f60aa75cfc0be93b15e53ac922141700f0a0025f71306a0f1cbdbdb8b10a7c3ef9f04f
-
SSDEEP
12288:H4uPACtBKeUratKjtV6hzJGaJMqnJQ+qf/Daz2oS:YuPA8KentKjtV4zBGqnJQ+qu
Behavioral task
behavioral1
Sample
JaffaCakes118_77f07130a1a1e139d38098a08eb60ca6.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_77f07130a1a1e139d38098a08eb60ca6.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
-
Target
JaffaCakes118_77f07130a1a1e139d38098a08eb60ca6
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
  Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
  Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
  Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
  Windows Service (1)