blackguard | 216c960ac6ef399e7ff33b18c03777237ced76d59ce0f8bb4d5f9a22e85b3bd8 | Triage

Sharing

General

Target

bilds.exe
Size

628KB
Sample

220306-pmr37accak
MD5

f5ba22891326912d8f47c4fb5575d33b
SHA1

7c237b720304f76362ea66f0d37ab502daf22b30
SHA256

216c960ac6ef399e7ff33b18c03777237ced76d59ce0f8bb4d5f9a22e85b3bd8
SHA512

b77eb3cd6e920e554bdb052e4bfc44e3f23358a29297cb37685ed9ba76aa3452d3eaf284b2542379a6770bfa84fd5fa1f702aff8714b64859c1b4ebb7906b4de

Score

10^/10

blackguard spyware stealer

Malware Config

Extracted

Family

blackguard

C2

https://api.telegram.org/bot1840568117:AAGlvKQeSfXkObSE7__yYc5jM9o8qSrkFUw/sendMessage?chat_id=1039923904

Targets

- Target
  
  bilds.exe
- Size
  
  628KB
- MD5
  
  f5ba22891326912d8f47c4fb5575d33b
- SHA1
  
  7c237b720304f76362ea66f0d37ab502daf22b30
- SHA256
  
  216c960ac6ef399e7ff33b18c03777237ced76d59ce0f8bb4d5f9a22e85b3bd8
- SHA512
  
  b77eb3cd6e920e554bdb052e4bfc44e3f23358a29297cb37685ed9ba76aa3452d3eaf284b2542379a6770bfa84fd5fa1f702aff8714b64859c1b4ebb7906b4de
Score

10^/10

blackguard spyware stealer
- BlackGuard
  Infostealer first seen in Late 2021.
  stealer blackguard
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackguardspywarestealer

behavioral2

blackguardspywarestealer