blackguard | d92665b8104b17cee50b45c5a391275bc336891a9a47ff35e5ecc73124a1ca48

Sharing

Copy URL

Twitter E-mail

General

Target

d92665b8104b17cee50b45c5a391275bc336891a9a47ff35e5ecc73124a1ca48
Size

10.0MB
Sample

240116-b1cnrsbfb3
MD5

32d9805818fea93bb2bc835b4b5bbbf6
SHA1

a293f134f1ef2227b6a08de3dc8d8a56385c495c
SHA256

d92665b8104b17cee50b45c5a391275bc336891a9a47ff35e5ecc73124a1ca48
SHA512

ae41872ef5fb8d42c6d1b7b9e8864159426153d193752636f5385c073dc9500bafe70a8c26992fd11278a5c7cdda8e8d849d4f9f9baf6d26015dee7d4cd8c049
SSDEEP

196608:/YkRw8bmX0OLOlAiiogi1rEOOolsRk1Usb4ILm7/Lm45YDskCAY:gkRwHO/TBE9ols+UeLm7/LhuYkCAY

Score

10^/10

blackguard

Malware Config

Targets

- Target
  
  d92665b8104b17cee50b45c5a391275bc336891a9a47ff35e5ecc73124a1ca48
- Size
  
  10.0MB
- MD5
  
  32d9805818fea93bb2bc835b4b5bbbf6
- SHA1
  
  a293f134f1ef2227b6a08de3dc8d8a56385c495c
- SHA256
  
  d92665b8104b17cee50b45c5a391275bc336891a9a47ff35e5ecc73124a1ca48
- SHA512
  
  ae41872ef5fb8d42c6d1b7b9e8864159426153d193752636f5385c073dc9500bafe70a8c26992fd11278a5c7cdda8e8d849d4f9f9baf6d26015dee7d4cd8c049
- SSDEEP
  
  196608:/YkRw8bmX0OLOlAiiogi1rEOOolsRk1Usb4ILm7/Lm45YDskCAY:gkRwHO/TBE9ols+UeLm7/LhuYkCAY
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  21KB
- MD5
  
  2b342079303895c50af8040a91f30f71
- SHA1
  
  b11335e1cb8356d9c337cb89fe81d669a69de17e
- SHA256
  
  2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f
- SHA512
  
  550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47
- SSDEEP
  
  384:KOoVVefeWsI7rsIquPLNN546o0Ac9khYLMkIX0+Gzyekv:4VVaeE7wIqyJN5i
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/SysRestore.dll
- Size
  
  5KB
- MD5
  
  da046184a8d7269a0e138b0b0b9b2eb5
- SHA1
  
  d9bc5ea397857e17a86f80df1e50615eb6859044
- SHA256
  
  c5e335bd19fa798f120287fe3ed920296f899223942fd6b987585a765f0adec2
- SHA512
  
  9ee6965ac931839a5d61b4ed64bb3bbf434dfd10ff086c38a998ec6714018b5491da7e5c29e4f7dd7fd4a93b2f285869b20f88b4b0194c9ba7824ff7c9f03c80
- SSDEEP
  
  48:S5SjUZmikqTB1By5B6UBQzcszn3x3YlE41tq9/Iye:ASOz5ns4UeI2B3Z41tqlc
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  fccff8cb7a1067e23fd2e2b63971a8e1
- SHA1
  
  30e2a9e137c1223a78a0f7b0bf96a1c361976d91
- SHA256
  
  6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
- SHA512
  
  f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
- SSDEEP
  
  192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1c8b2b40c642e8b5a5b3ff102796fb37
- SHA1
  
  3245f55afac50f775eb53fd6d14abb7fe523393d
- SHA256
  
  8780095aa2f49725388cddf00d79a74e85c9c4863b366f55c39c606a5fb8440c
- SHA512
  
  4ff2dc83f640933162ec8818bb1bf3b3be1183264750946a3d949d2e7068ee606277b6c840193ef2b4663952387f07f6ab12c84c4a11cae9a8de7bd4e7971c57
- SSDEEP
  
  96:o2DlD3cd51V1zL7xqEscxM2DjDf3GEst+Nt+jvcx4T8qndYv0PLE:o2p34z/x3sREskpx4dO0PLE
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  09c2e27c626d6f33018b8a34d3d98cb6
- SHA1
  
  8d6bf50218c8f201f06ecf98ca73b74752a2e453
- SHA256
  
  114c6941a8b489416c84563e94fd266ea5cad2b518db45cd977f1f9761e00cb1
- SHA512
  
  883454bef7b6de86d53af790755ae624f756b48b23970f865558ba03a5aecfa8d15f14700e92b3c51546e738c93e53dc50b8a45f79ef3f00aa84382853440954
- SSDEEP
  
  96:pBNUBGfVwhcAlhPRJAixx+3eDEsgcBbcB/NFyVOHd0+uisX4:qBGfV5AlJJfFgcBbcB/N8Ved0P
Score

3^/10
behavioral11 behavioral12
- Target
  
  API-MS-Win-core-xstate-l2-1-0.dll
- Size
  
  12KB
- MD5
  
  5f11b9bb427753bdae6d312a02c516f9
- SHA1
  
  6fb327e5a64a94c2489f3a82999b7d60babb228a
- SHA256
  
  4879fe3ea58d853f21658aefc5e8b92b7e6333d77c0af31a6bf9ff769475f6fd
- SHA512
  
  09a317ecb7d83f1aa2d06e65371513ae770c9df4691b5ad3d50918e4bfacf1635fafaa43ada4efd5d23c448a7eb80675baecccb3ca9dbbfba4e829248a5bf466
- SSDEEP
  
  384:9cf5b+W1hWx7HRN7izd72vH3rPR9z/gtP:uf5bVGic3l9zM
Score

1^/10
behavioral13 behavioral14
- Target
  
  Accessibility.dll
- Size
  
  10KB
- MD5
  
  1b4cc6782e295675217cd17df70057f3
- SHA1
  
  f468087e7fbaa5aeed1fc41062b198570ae017e3
- SHA256
  
  f08bdbf797dfdbbde37000fb29141caec4beb4dc0f552ab2cfe0887e1e6c5f60
- SHA512
  
  05289e9514d173694a1e15dc5228976c963572353c78412bc79bdc933ae89df08e889736232c6240e4fa1e8f26689cb4eeae4a83aa9e333a6d1882b8b857a8fb
- SSDEEP
  
  192:qN1WRFlDWlolDWlIJh2ICtMBYY5IQY2xLnG63etbTWm/W:+1UlqlolqlIWGPISLGptXWm/W
Score

1^/10
behavioral15 behavioral16
- Target
  
  AviraLib.dll
- Size
  
  1.0MB
- MD5
  
  fb8d7d2f2d25346e8ce9a70b5df5db55
- SHA1
  
  b7507ea12e1d0583fdee17583af26cbb17ed884d
- SHA256
  
  a02884adf7c6cea2de69d260034930ebf9a0bbb51e7ceeb12b7fdd6d38941f80
- SHA512
  
  33a79b89ad7750084a47392b193a57cd3392c1f175eb63c4ac1c64919e47194c95b6c0514f10e972503e13980b88df329fdec29d3b3cf18ffeeea16bbe03e12d
- SSDEEP
  
  12288:8quZ72AyO5lpt5dFjTMrEtZZwem1ajAHOGeVy+BIRwcls9P5m6wYiKoP2X:8q4yAy8lT5d6oVjj/8Hls9P5mui6X
Score

1^/10
behavioral17 behavioral18
- Target
  
  BouncyCastle.Crypto.dll
- Size
  
  2.3MB
- MD5
  
  9d34c40df4c87e378bdb0a3ebd36bfc2
- SHA1
  
  5c110a3a90e792270b44e3e3f6cf31bdd9020295
- SHA256
  
  e7c9e901e6d927778938d3ee5d183dce495d6b6eb2a89242a700afe25d921cf6
- SHA512
  
  51eea2113ac5acfd553b3e0b35390c38323218de55fd5b8abc8cf44bd0445df84eaf9349b52491737aa826ce76cfc2fe5eb5aaa60413cf376b4479ff21a19339
- SSDEEP
  
  49152:2brsw7nZ8pRbkwLdPkSAu5LdPkSAu5LdPkSAu5LdPkzkHi2LdPkSAu5LdPkSAu51:U8pRbx4kg1qA4
Score

1^/10
behavioral19 behavioral20
- Target
  
  Branding.Desktop.dll
- Size
  
  23KB
- MD5
  
  83df60e9fa070f73fc478f3e2fa33118
- SHA1
  
  09f906f3834fad2f891f2faa88963035cde5f4ab
- SHA256
  
  ed3d49a91f5b88d425d5ceda3e120638c5a16116cf719e899a3395092dbd2fd6
- SHA512
  
  6b8bb3f951676c5186f72053f6eddd807c9168e54452d97985536e0956752707ba5a8fd1b466631b6d3f7d5ee614398e8e0c07774d3998986982928495bcf90b
- SSDEEP
  
  384:vhPZBx2Y3p1iS90bIqEoZzHoNZsHLItkgtAM+o/8E9VF0NyCn:pBL2Gp1i7bIJkVikgtAMxkES
Score

1^/10
behavioral21 behavioral22
- Target
  
  D3DCompiler_47_cor3.dll
- Size
  
  3.9MB
- MD5
  
  5e717c95808bcb5f654bb312d289b837
- SHA1
  
  c69448eafa40e35424744c28e68cf69ce11a3d97
- SHA256
  
  e745872db4dd114a65ee1504f401ea26d879edb6614e369a07a80ce7ad1950ca
- SHA512
  
  dc5e6ee0c8fe22897009060821b18bf2f7d0317d30682f7fa84a4c1889358c152d84d22ebe57d0ec8ccc1be8714bce6b1257d30671b8d0fea88309bbd137b8f0
- SSDEEP
  
  98304:q4czLWVMYHItqGZ5CNjEhrZ0T2S1kHn8:qMpGZ5CFEh10TD1kHn8
Score

3^/10
behavioral23 behavioral24
- Target
  
  DirectWriteForwarder.dll
- Size
  
  468KB
- MD5
  
  a36d73301123334adc95e034b327daad
- SHA1
  
  cb4bd930cbe2c930d665dd4467e8b88815de8c1d
- SHA256
  
  440c95dcdbe402d843095649773d1fc6da5d035802dd540ce29c71bc915d433b
- SHA512
  
  438abf9aa1c00bf1f3e9ec7e9ac6bf5d89c492d68301044ba7fb205d3c5d34aae4940893eff721b91696de4c782a8a3558cdb39955943e350361639893ef3393
- SSDEEP
  
  6144:eTDF2kb51CJfk7g9wSikA+6Bl5f7d5rBkwLENfTKSr1dDqY9DGKwHrD:oDVbK6kA+6B/d5rlUfTrDT6KwHr
Score

1^/10
behavioral25 behavioral26
- Target
  
  DotNetZip.dll
- Size
  
  233KB
- MD5
  
  6a8c8771bd399dd468595bab186c3e88
- SHA1
  
  df56e2573396ad8da5998c6aaf89c508f2060a85
- SHA256
  
  28d76d7ac169c5b71cca4e3073226f885a2f06720413a11e8db9b7fc08359462
- SHA512
  
  3e7a0e3b0b182e97e44504c4aa511065ea910a88e88ea849a5977f64dfd64aca6008815a6307e1d82a706b66811ddc5a1234b37c95a80e1a01feaa8b8fdc3d74
- SSDEEP
  
  3072:QXsFvbsM5ecgKXnukd2sn8Dhm58yEJEYkbQcHPoOFqvAvIMqUo1SccvdH8UfrxA6:tmE7gX22sGhs2JcjpIN9+8UfrOsWs
Score

1^/10
behavioral27 behavioral28
- Target
  
  Engine.Win.dll
- Size
  
  871KB
- MD5
  
  da57061c46593965fe4583555fd6fba5
- SHA1
  
  968ee40fa24695eac44dc84a224e0c07230e317a
- SHA256
  
  270fc42dcaf1841d1871ae4b45404afe9cfc3b445e34aca1e386b67fda555434
- SHA512
  
  d1877c261a2071f507ed80923f6db4073404b4b16ada02b3c21e9fb824dd92f0f81297b3a619a2f1acdae502f43434bbd9297562cbca653e1a7473c3f05fb4a9
- SSDEEP
  
  12288:nL43XI03XQnigPCHS/cEYjKbs4OjQ/I51Pq6Cs6YAD/z+87tho:nkoIXQigPJ/clg5kr6s078
Score

1^/10
behavioral29 behavioral30
- Target
  
  EntityFramework.SqlServer.dll
- Size
  
  566KB
- MD5
  
  4010a41e4730439275c00c358550393f
- SHA1
  
  572a2fb0526523e3669a53264fc51adac70c4ad8
- SHA256
  
  b4c39d8f0fb669e6e337c5f3138f6171b0905cf875a92b0e3253f33955b87b55
- SHA512
  
  5a554c85ea0222c9d96ebe24b2b0730c3974c59389e2fd0672ccd2c99f78b937bc4529151a24cc68357a308d3e9990f09eb854b05466538c422847d9849f84a9
- SSDEEP
  
  6144:frmoela3kPuG2p6GeqDmjaVmnSmr/u65oPWtduB6yHtYw:fvelMwu65oqs
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32