blackguard | bde2b977cdd7c086a35825a9ba7f2307341a3917f40cc193ed316dde106a6c74 | Triage

Sharing

General

Target

bde2b977cdd7c086a35825a9ba7f2307341a3917f40cc193ed316dde106a6c74_JC.exe
Size

9.6MB
Sample

231013-1ddd8adc65
MD5

ec333982af0977d8af5a4984792a4385
SHA1

d5b7e49c6476766d45a18cdd150d0679a9529a5a
SHA256

bde2b977cdd7c086a35825a9ba7f2307341a3917f40cc193ed316dde106a6c74
SHA512

1446ecc9ca6f193796cdbaf1b9f291b85a36279659254e6cbf286dba8a0e5f233c889b459b799a0d18462f1210841a61a207f76bc90db4365a43e7d967761cfc
SSDEEP

49152:LLLjKXCrX+hMesdq40bf95X9K5NRcSJDg/u/fiGhG6E7/6bp1pBt0zKkevwN/+j:

Score

10^/10

blackguard stealer

Malware Config

Targets

- Target
  
  bde2b977cdd7c086a35825a9ba7f2307341a3917f40cc193ed316dde106a6c74_JC.exe
- Size
  
  9.6MB
- MD5
  
  ec333982af0977d8af5a4984792a4385
- SHA1
  
  d5b7e49c6476766d45a18cdd150d0679a9529a5a
- SHA256
  
  bde2b977cdd7c086a35825a9ba7f2307341a3917f40cc193ed316dde106a6c74
- SHA512
  
  1446ecc9ca6f193796cdbaf1b9f291b85a36279659254e6cbf286dba8a0e5f233c889b459b799a0d18462f1210841a61a207f76bc90db4365a43e7d967761cfc
- SSDEEP
  
  49152:LLLjKXCrX+hMesdq40bf95X9K5NRcSJDg/u/fiGhG6E7/6bp1pBt0zKkevwN/+j:
Score

10^/10

blackguard stealer
- BlackGuard
  Infostealer first seen in Late 2021.
  stealer blackguard
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackguardstealer

behavioral2

blackguardstealer