blackguard | d2f181221ba9049c02ed7283c9144c7c[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

d2f181221b...7c.exe

windows7_x64

d2f181221b...7c.exe

windows10-2004_x64

Resubmissions

31/03/2022, 16:03 UTC

220331-thnx7aedd2 10

03/02/2022, 08:05 UTC

220203-jyw9dsedhp 3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d2f181221ba9049c02ed7283c9144c7c.exe

Resource

win7-20220310-en

blackguard stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d2f181221ba9049c02ed7283c9144c7c.exe

Resource

win10v2004-en-20220113

blackguard stealer

windows10-2004_x64

0 signatures

0 seconds

General

Target

d2f181221ba9049c02ed7283c9144c7c.exe
Size

1.7MB
MD5

d2f181221ba9049c02ed7283c9144c7c
SHA1

b4ed1b4714112d5fc3c7b4673e19ed26ae4c6e85
SHA256

f47db48129530cf19f3c42f0c9f38ce1915f403469483661999dc2b19e12650b
SHA512

ab0b9a029489f6b3a091c7823b5523ea3cfd8677b32eddd48ba7e64694e4146c3292589d9d09bd0cc5908c9d86c830ee21e75f8712e6f3a2cba2cfd853f372a1
SSDEEP

49152:2Uceq3w+dZrYACactL1yt6sqz2X65b9vj:mewdBOe6Zk

Score

10^/10

blackguard

Malware Config

Extracted

Family

blackguard

C2

http://funkyjazz.me/

Signatures

Blackguard family
blackguard

Files

d2f181221ba9049c02ed7283c9144c7c.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.