Overview

overview

10

Static

static

10

bb8a90b7e1...64.exe

windows7-x64

10

bb8a90b7e1...64.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    134s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231127-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-12-2023 17:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bb8a90b7e193cfeee45c2e8f1dfc68724650c216744e69658e48e75b56ed4a64.exe

  • Size

    25.9MB

  • MD5

    a53a570dfb4eea99b0805f3f83b3b895

  • SHA1

    fc14250bad705156a2941817eb760585c4a8d589

  • SHA256

    bb8a90b7e193cfeee45c2e8f1dfc68724650c216744e69658e48e75b56ed4a64

  • SHA512

    eef869e9d5c0eb30e7b05808a99ff6278be621b576b8eb815b3be45750d6e2af45d937f4992c0817c2b557c135a43ea48c43da3a035736891b9ce21241793ddf

  • SSDEEP

    196608:v0lp0icuzFW5uqg7mTul7DF2JH5uua7yEASCQoKDz6:v0lbyuJRDFtyF6DG

Score
10/10
blackguardstealer

Malware Config

Signatures

  • BlackGuard

    Infostealer first seen in Late 2021.

    stealerblackguard
  • Loads dropped DLL 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bb8a90b7e193cfeee45c2e8f1dfc68724650c216744e69658e48e75b56ed4a64.exe
    "C:\Users\Admin\AppData\Local\Temp\bb8a90b7e193cfeee45c2e8f1dfc68724650c216744e69658e48e75b56ed4a64.exe"
    1⤵
    • Loads dropped DLL
    PID:1988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\x64\SQLite.Interop.dll
    Filesize

    1.7MB

    MD5

    c2d9e689c9b7dbfbd6266430fcce1add

    SHA1

    1ce680f48d19ab31f4af39c261451804a2858a11

    SHA256

    7bf956ba8edbc7358398707afddafa3acfcb212796f4169130d7cfa557653e67

    SHA512

    24867f191cb91e1a6dc7dbcfba02881dcb9bf49166315508bcfd331f51495a536431d33b5444fcfd270adf6def4691301c17c328cd8ef779819429437f590e08

    Download Submit

  • memory/1988-19-0x0000000005090000-0x00000000050A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1988-20-0x0000000005090000-0x00000000050A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1988-4-0x0000000005090000-0x00000000050A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1988-5-0x0000000005090000-0x00000000050A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1988-1-0x0000000000B50000-0x0000000002530000-memory.dmp

    Filesize

    25.9MB

    Download

  • memory/1988-9-0x0000000020C40000-0x0000000020C7A000-memory.dmp

    Filesize

    232KB

    Download

  • memory/1988-3-0x0000000005090000-0x00000000050A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1988-0-0x00007FF8DBA30000-0x00007FF8DC4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1988-10-0x000000001F290000-0x000000001F2B6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/1988-21-0x00007FF8DBA30000-0x00007FF8DC4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1988-22-0x0000000005090000-0x00000000050A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1988-23-0x0000000005090000-0x00000000050A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1988-24-0x0000000005090000-0x00000000050A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1988-25-0x0000000005090000-0x00000000050A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1988-26-0x0000000005090000-0x00000000050A0000-memory.dmp

    Filesize

    64KB

    Download