Overview

overview

10

Static

static

10

bb8a90b7e1...64.exe

windows7-x64

10

bb8a90b7e1...64.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    05-12-2023 02:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bb8a90b7e193cfeee45c2e8f1dfc68724650c216744e69658e48e75b56ed4a64.exe

  • Size

    25.9MB

  • MD5

    a53a570dfb4eea99b0805f3f83b3b895

  • SHA1

    fc14250bad705156a2941817eb760585c4a8d589

  • SHA256

    bb8a90b7e193cfeee45c2e8f1dfc68724650c216744e69658e48e75b56ed4a64

  • SHA512

    eef869e9d5c0eb30e7b05808a99ff6278be621b576b8eb815b3be45750d6e2af45d937f4992c0817c2b557c135a43ea48c43da3a035736891b9ce21241793ddf

  • SSDEEP

    196608:v0lp0icuzFW5uqg7mTul7DF2JH5uua7yEASCQoKDz6:v0lbyuJRDFtyF6DG

Score
10/10
blackguardstealer

Malware Config

Signatures

  • BlackGuard

    Infostealer first seen in Late 2021.

    stealerblackguard
  • Loads dropped DLL 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bb8a90b7e193cfeee45c2e8f1dfc68724650c216744e69658e48e75b56ed4a64.exe
    "C:\Users\Admin\AppData\Local\Temp\bb8a90b7e193cfeee45c2e8f1dfc68724650c216744e69658e48e75b56ed4a64.exe"
    1⤵
    • Loads dropped DLL
    PID:2976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\x64\SQLite.Interop.dll
    Filesize

    1.7MB

    MD5

    c2d9e689c9b7dbfbd6266430fcce1add

    SHA1

    1ce680f48d19ab31f4af39c261451804a2858a11

    SHA256

    7bf956ba8edbc7358398707afddafa3acfcb212796f4169130d7cfa557653e67

    SHA512

    24867f191cb91e1a6dc7dbcfba02881dcb9bf49166315508bcfd331f51495a536431d33b5444fcfd270adf6def4691301c17c328cd8ef779819429437f590e08

    Download Submit

  • memory/2976-1-0x00000000003C0000-0x0000000001DA0000-memory.dmp

    Filesize

    25.9MB

    Download

  • memory/2976-0-0x000007FEF57A0000-0x000007FEF618C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2976-3-0x000000001D850000-0x000000001D8D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2976-4-0x000000001D850000-0x000000001D8D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2976-8-0x000000001EBA0000-0x000000001EBC5000-memory.dmp

    Filesize

    148KB

    Download

  • memory/2976-17-0x000007FEF57A0000-0x000007FEF618C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2976-18-0x000000001D850000-0x000000001D8D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2976-19-0x000000001D850000-0x000000001D8D0000-memory.dmp

    Filesize

    512KB

    Download