General
-
Target
JaffaCakes118_9f5b73d693ce3216672d03ab07dd7ea5
-
Size
1.1MB
-
Sample
250407-qzg97a1vaw
-
MD5
9f5b73d693ce3216672d03ab07dd7ea5
-
SHA1
c06441d12ccc651ceb41c543553165f6561383c8
-
SHA256
63374f345942d7afa0ff9d54f360525cc1b11b1a6a78f53612973dbf646d2549
-
SHA512
4c3d87bde877eface5c5b4c5daf87cd25e271ce3d1f9bfddf02a1b51d9a320a3f1b2cb4ca06a615b2f06b6e7fcd08410d919579271ccb4cde7cbbc4c142dc6ad
-
SSDEEP
24576:h5Y8WP5oudlRLl3hP13iM40oh7kt3nuGz:BWP5oAlbNpii90Gz
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_9f5b73d693ce3216672d03ab07dd7ea5.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
-
Target
JaffaCakes118_9f5b73d693ce3216672d03ab07dd7ea5
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Create or Modify System Process (1)
Windows Service (1)