blackguard | cleaner[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

cleaner.exe

windows7_x64

cleaner.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

cleaner.exe

Resource

win7-20220223-en

blackguard spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

cleaner.exe

Resource

win10v2004-en-20220113

blackguard spyware stealer

windows10-2004_x64

0 signatures

0 seconds

General

Target

cleaner.exe
Size

6.0MB
MD5

13fa56ab5b3bd88a84aa8d2ca32de8fb
SHA1

efa1edcfb626cc61a48df4c942e2d023191d90a9
SHA256

62416ed5c114e347643b51879ee8a75e8a871ab7c02679402f99aaf697e9f9e8
SHA512

e71d244e24c4aa8ff42968b9c4135b605554a7384cd96e22a8ba0616289f7ba06cce20e1f738d8782397df965cb1f8bd93d2b4c3344b2e35f734ed7ee54cda8e

Score

10^/10

blackguard

Malware Config

Extracted

Family

blackguard

C2

https://api.telegram.org/bot1840568117:AAGlvKQeSfXkObSE7__yYc5jM9o8qSrkFUw/sendMessage?chat_id=1039923904

Signatures

Blackguard family
blackguard

Files

cleaner.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy