Overview

overview

10

Static

static

10

165f5b34f4...5d.exe

windows7-x64

10

165f5b34f4...5d.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    146s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231127-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-12-2023 02:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    165f5b34f4e8852e5de2927b040490dc8afe3f54db14a78229442337f3c4f75d.exe

  • Size

    25.9MB

  • MD5

    df4aa86f65ef83492b145406c925d62b

  • SHA1

    70e57e0623553eda4070e70de1b3008349911389

  • SHA256

    165f5b34f4e8852e5de2927b040490dc8afe3f54db14a78229442337f3c4f75d

  • SHA512

    6e758d16cf4aa6ce4929125f24acd6f66b9ec3f964d3d480aa1ad7026fc4d3d0bf1caa33cb13bff1d256c05127984c94167607e342833040129879c39d7c8de9

  • SSDEEP

    196608:c0lp0icuzFW5uqg7mGPl7DF24H5Q6lHhyEASClv+eHdRu:c0lbyuDRDFWWyFAcdI

Score
10/10
blackguardstealer

Malware Config

Signatures

  • BlackGuard

    Infostealer first seen in Late 2021.

    stealerblackguard
  • Loads dropped DLL 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\165f5b34f4e8852e5de2927b040490dc8afe3f54db14a78229442337f3c4f75d.exe
    "C:\Users\Admin\AppData\Local\Temp\165f5b34f4e8852e5de2927b040490dc8afe3f54db14a78229442337f3c4f75d.exe"
    1⤵
    • Loads dropped DLL
    PID:4408

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\x86\SQLite.Interop.dll
    Filesize

    1.3MB

    MD5

    730e57d00a8699352cfb15ec1159afd0

    SHA1

    3ce30190d1f64dcb4572f0dd0efc065d58407dd9

    SHA256

    29f4c07e9c5b265976967d8afe435b0e74bb6169c20090d856fbcc42a4bf48f0

    SHA512

    b5bbc861884d4ce0a0846688d493f7a84b97076849ab81fdf3631a525dd99a12c7156a9d43b3019f91a912ab102669b651c5f6c2967142c29d2b41e76aefd3df

    Download Submit

  • memory/4408-3-0x0000000006FC0000-0x0000000007052000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4408-9-0x000000000B920000-0x000000000B96C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/4408-0-0x0000000074410000-0x0000000074BC0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4408-5-0x00000000071D0000-0x00000000071E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4408-6-0x0000000006F80000-0x0000000006F8A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4408-7-0x00000000071D0000-0x00000000071E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4408-8-0x000000000B550000-0x000000000B8A4000-memory.dmp

    Filesize

    3.3MB

    Download

  • memory/4408-2-0x0000000007570000-0x0000000007B14000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4408-1-0x0000000000B30000-0x0000000002512000-memory.dmp

    Filesize

    25.9MB

    Download

  • memory/4408-14-0x000000000BA00000-0x000000000BA3C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/4408-15-0x000000000B9B0000-0x000000000B9D1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/4408-24-0x0000000074410000-0x0000000074BC0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4408-25-0x00000000071D0000-0x00000000071E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4408-26-0x00000000071D0000-0x00000000071E0000-memory.dmp

    Filesize

    64KB

    Download