blackguard | file[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20221111-en

blackguard collection evasion persistence spyware stealer

windows7-x64

22 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20220901-en

blackguard collection evasion persistence spyware stealer

windows10-2004-x64

24 signatures

150 seconds

General

Target

file.exe
Size

6.9MB
MD5

146ffe4774086772bb8dc8af417d1bee
SHA1

a6ba1bfd326034d363f003def9600e4b3f8a3c99
SHA256

feb090fe2a018ba71f2db302a253998b66f9655a0d83f80db512604093aee9de
SHA512

332272905c5d85c226fcaa74ad60bf6bdd9544809b4dff4cedba42b42b8aa005c0cf7a9224a3c9070858a7311a640eedfeb1e5c19296b286e3ba5952584f99cb
SSDEEP

98304:5iyaKXumYgc4UC0td7fAYMQSlV4AnEjdGS1YVrsk9N8ivyhAdsPSQxNU3r:o5KmgfUCEvyVN8iNISeU7

Score

10^/10

blackguard

Malware Config

Extracted

Family

blackguard

C2

https://ipwhois.app/xml/

Signatures

Blackguard family
blackguard

Files

file.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy