blackshades | 292c47cad52c774b9fac605281f1ab2d968d53407d04143eb86e23b21d428222 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...d6.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_9fbc8534a165337e80a71b2e00de38d6
Size

280KB
Sample

250407-s7sr1axky2
MD5

9fbc8534a165337e80a71b2e00de38d6
SHA1

22642b6df37ac1a70ad63c9d80682291f1288569
SHA256

292c47cad52c774b9fac605281f1ab2d968d53407d04143eb86e23b21d428222
SHA512

4f2bcb8ecc247e6508178eb9cc448d7de1717bc3074c2896e538878a42957ee0ddaafaa8b81628899c157b3ce08187d3f505c5e72b2e596493f122e7d3af0425
SSDEEP

6144:NwFvCmlTuxYuiyNroqdkcbXXOKOF47IqS4OYoR436UuIo:NwFvSDiydoCkcbnOKiEp

Score

10^/10

blackshades defense_evasion discovery rat upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_9fbc8534a165337e80a71b2e00de38d6.exe

Resource

win10v2004-20250314-en

blackshades defense_evasion discovery rat upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_9fbc8534a165337e80a71b2e00de38d6
- Size
  
  280KB
- MD5
  
  9fbc8534a165337e80a71b2e00de38d6
- SHA1
  
  22642b6df37ac1a70ad63c9d80682291f1288569
- SHA256
  
  292c47cad52c774b9fac605281f1ab2d968d53407d04143eb86e23b21d428222
- SHA512
  
  4f2bcb8ecc247e6508178eb9cc448d7de1717bc3074c2896e538878a42957ee0ddaafaa8b81628899c157b3ce08187d3f505c5e72b2e596493f122e7d3af0425
- SSDEEP
  
  6144:NwFvCmlTuxYuiyNroqdkcbXXOKOF47IqS4OYoR436UuIo:NwFvSDiydoCkcbnOKiEp
Score

10^/10

blackshades defense_evasion discovery rat upx
- Blackshades
  Blackshades is a remote access trojan with various capabilities.
  rat blackshades
- Blackshades family
  blackshades
- Blackshades payload
- Modifies firewall policy service
  defense_evasion
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackshadesdefense_evasiondiscoveryratupx

© 2018-2025

Terms | Privacy