blackguard | 1289e00152ee4449fc166026d2f7a67478dff933561e0a39c88ac401763c7e65

Sharing

Copy URL

Twitter E-mail

General

Target

1289e00152ee4449fc166026d2f7a67478dff933561e0a39c88ac401763c7e65
Size

10.0MB
Sample

240126-bdvwtscagn
MD5

7900fd4f26545602048302a39984afab
SHA1

ec5b6993d42f9efdc0e7b495713dfca31fad9948
SHA256

1289e00152ee4449fc166026d2f7a67478dff933561e0a39c88ac401763c7e65
SHA512

2b66cd6f6224c309c08f86058e72efdf3160bf1c1d259642ab13b91225ae59bda35878f5bbdd180031923c6af1b779592b0d6f63c1e9448fa1a115ae61029cf7
SSDEEP

196608:Za0cWNtvKKniKPPPDCi9iyXIHyv7lhdhoDEnk8IBOJ5oMb/Nd:/hiI/9eHmhdhUBa5o83

Score

10^/10

blackguard

Malware Config

Targets

- Target
  
  1289e00152ee4449fc166026d2f7a67478dff933561e0a39c88ac401763c7e65
- Size
  
  10.0MB
- MD5
  
  7900fd4f26545602048302a39984afab
- SHA1
  
  ec5b6993d42f9efdc0e7b495713dfca31fad9948
- SHA256
  
  1289e00152ee4449fc166026d2f7a67478dff933561e0a39c88ac401763c7e65
- SHA512
  
  2b66cd6f6224c309c08f86058e72efdf3160bf1c1d259642ab13b91225ae59bda35878f5bbdd180031923c6af1b779592b0d6f63c1e9448fa1a115ae61029cf7
- SSDEEP
  
  196608:Za0cWNtvKKniKPPPDCi9iyXIHyv7lhdhoDEnk8IBOJ5oMb/Nd:/hiI/9eHmhdhUBa5o83
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  21KB
- MD5
  
  2b342079303895c50af8040a91f30f71
- SHA1
  
  b11335e1cb8356d9c337cb89fe81d669a69de17e
- SHA256
  
  2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f
- SHA512
  
  550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47
- SSDEEP
  
  384:KOoVVefeWsI7rsIquPLNN546o0Ac9khYLMkIX0+Gzyekv:4VVaeE7wIqyJN5i
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/SysRestore.dll
- Size
  
  5KB
- MD5
  
  da046184a8d7269a0e138b0b0b9b2eb5
- SHA1
  
  d9bc5ea397857e17a86f80df1e50615eb6859044
- SHA256
  
  c5e335bd19fa798f120287fe3ed920296f899223942fd6b987585a765f0adec2
- SHA512
  
  9ee6965ac931839a5d61b4ed64bb3bbf434dfd10ff086c38a998ec6714018b5491da7e5c29e4f7dd7fd4a93b2f285869b20f88b4b0194c9ba7824ff7c9f03c80
- SSDEEP
  
  48:S5SjUZmikqTB1By5B6UBQzcszn3x3YlE41tq9/Iye:ASOz5ns4UeI2B3Z41tqlc
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  fccff8cb7a1067e23fd2e2b63971a8e1
- SHA1
  
  30e2a9e137c1223a78a0f7b0bf96a1c361976d91
- SHA256
  
  6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
- SHA512
  
  f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
- SSDEEP
  
  192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1c8b2b40c642e8b5a5b3ff102796fb37
- SHA1
  
  3245f55afac50f775eb53fd6d14abb7fe523393d
- SHA256
  
  8780095aa2f49725388cddf00d79a74e85c9c4863b366f55c39c606a5fb8440c
- SHA512
  
  4ff2dc83f640933162ec8818bb1bf3b3be1183264750946a3d949d2e7068ee606277b6c840193ef2b4663952387f07f6ab12c84c4a11cae9a8de7bd4e7971c57
- SSDEEP
  
  96:o2DlD3cd51V1zL7xqEscxM2DjDf3GEst+Nt+jvcx4T8qndYv0PLE:o2p34z/x3sREskpx4dO0PLE
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  09c2e27c626d6f33018b8a34d3d98cb6
- SHA1
  
  8d6bf50218c8f201f06ecf98ca73b74752a2e453
- SHA256
  
  114c6941a8b489416c84563e94fd266ea5cad2b518db45cd977f1f9761e00cb1
- SHA512
  
  883454bef7b6de86d53af790755ae624f756b48b23970f865558ba03a5aecfa8d15f14700e92b3c51546e738c93e53dc50b8a45f79ef3f00aa84382853440954
- SSDEEP
  
  96:pBNUBGfVwhcAlhPRJAixx+3eDEsgcBbcB/NFyVOHd0+uisX4:qBGfV5AlJJfFgcBbcB/N8Ved0P
Score

3^/10
behavioral11 behavioral12
- Target
  
  API-MS-Win-core-xstate-l2-1-0.dll
- Size
  
  12KB
- MD5
  
  5f11b9bb427753bdae6d312a02c516f9
- SHA1
  
  6fb327e5a64a94c2489f3a82999b7d60babb228a
- SHA256
  
  4879fe3ea58d853f21658aefc5e8b92b7e6333d77c0af31a6bf9ff769475f6fd
- SHA512
  
  09a317ecb7d83f1aa2d06e65371513ae770c9df4691b5ad3d50918e4bfacf1635fafaa43ada4efd5d23c448a7eb80675baecccb3ca9dbbfba4e829248a5bf466
- SSDEEP
  
  384:9cf5b+W1hWx7HRN7izd72vH3rPR9z/gtP:uf5bVGic3l9zM
Score

1^/10
behavioral13 behavioral14
- Target
  
  Accessibility.dll
- Size
  
  10KB
- MD5
  
  1b4cc6782e295675217cd17df70057f3
- SHA1
  
  f468087e7fbaa5aeed1fc41062b198570ae017e3
- SHA256
  
  f08bdbf797dfdbbde37000fb29141caec4beb4dc0f552ab2cfe0887e1e6c5f60
- SHA512
  
  05289e9514d173694a1e15dc5228976c963572353c78412bc79bdc933ae89df08e889736232c6240e4fa1e8f26689cb4eeae4a83aa9e333a6d1882b8b857a8fb
- SSDEEP
  
  192:qN1WRFlDWlolDWlIJh2ICtMBYY5IQY2xLnG63etbTWm/W:+1UlqlolqlIWGPISLGptXWm/W
Score

1^/10
behavioral15 behavioral16
- Target
  
  AviraLib.dll
- Size
  
  1.0MB
- MD5
  
  d6d0cc37647a75064f98df7be2f90fd3
- SHA1
  
  bee54ae9b3fd3686a8b672e341bda18ec6123b32
- SHA256
  
  1cf8f0fad70f9adda6b54ea13622c440d624ddd31c801f1c3493e1cef7d84747
- SHA512
  
  23b805ab3cf0d0da5f6a7d792ed3e7a854f8d23055a4686b9b37d792756a971edf877433a6c4ac6c1f328b04e9e9130802aecc8ffe3ec27b63fe955424d7c6d6
- SSDEEP
  
  12288:LquZ72AyO5lpt5dFjTMrEtZZwem1ajAHOGeVy+BIRwcls9P5m6wYnKoPyS:Lq4yAy8lT5d6oVjj/8Hls9P5munmS
Score

1^/10
behavioral17 behavioral18
- Target
  
  BouncyCastle.Crypto.dll
- Size
  
  2.3MB
- MD5
  
  9d34c40df4c87e378bdb0a3ebd36bfc2
- SHA1
  
  5c110a3a90e792270b44e3e3f6cf31bdd9020295
- SHA256
  
  e7c9e901e6d927778938d3ee5d183dce495d6b6eb2a89242a700afe25d921cf6
- SHA512
  
  51eea2113ac5acfd553b3e0b35390c38323218de55fd5b8abc8cf44bd0445df84eaf9349b52491737aa826ce76cfc2fe5eb5aaa60413cf376b4479ff21a19339
- SSDEEP
  
  49152:2brsw7nZ8pRbkwLdPkSAu5LdPkSAu5LdPkSAu5LdPkzkHi2LdPkSAu5LdPkSAu51:U8pRbx4kg1qA4
Score

1^/10
behavioral19 behavioral20
- Target
  
  Branding.Desktop.dll
- Size
  
  23KB
- MD5
  
  0a55314b9ff6edf2616e5a1e136886a6
- SHA1
  
  64f5fdfcc14962c1b9750b289afb3b94fc7bffbe
- SHA256
  
  c9131d33f63f660abd1025812fc20cd8a545feaf72eb288ca797e9f1e4bc348a
- SHA512
  
  a2181bd8fd97261666be02100aa0de24a298c90d61970e60bfa382b4b84fae85c79e1708b65ece3e2b9a66f77c0323d9e844d0ed4341d2d22d8ab984014e5fdb
- SSDEEP
  
  384:JhPZBx2Y3p1iS90bIqElZzHoNZsHL0tkIKAM+o/8E9VF0NyUxLXP:/BL2Gp1i7bIJPVmkIKAMxkEsz
Score

1^/10
behavioral21 behavioral22
- Target
  
  D3DCompiler_47_cor3.dll
- Size
  
  3.9MB
- MD5
  
  5e717c95808bcb5f654bb312d289b837
- SHA1
  
  c69448eafa40e35424744c28e68cf69ce11a3d97
- SHA256
  
  e745872db4dd114a65ee1504f401ea26d879edb6614e369a07a80ce7ad1950ca
- SHA512
  
  dc5e6ee0c8fe22897009060821b18bf2f7d0317d30682f7fa84a4c1889358c152d84d22ebe57d0ec8ccc1be8714bce6b1257d30671b8d0fea88309bbd137b8f0
- SSDEEP
  
  98304:q4czLWVMYHItqGZ5CNjEhrZ0T2S1kHn8:qMpGZ5CFEh10TD1kHn8
Score

3^/10
behavioral23 behavioral24
- Target
  
  DirectWriteForwarder.dll
- Size
  
  468KB
- MD5
  
  a36d73301123334adc95e034b327daad
- SHA1
  
  cb4bd930cbe2c930d665dd4467e8b88815de8c1d
- SHA256
  
  440c95dcdbe402d843095649773d1fc6da5d035802dd540ce29c71bc915d433b
- SHA512
  
  438abf9aa1c00bf1f3e9ec7e9ac6bf5d89c492d68301044ba7fb205d3c5d34aae4940893eff721b91696de4c782a8a3558cdb39955943e350361639893ef3393
- SSDEEP
  
  6144:eTDF2kb51CJfk7g9wSikA+6Bl5f7d5rBkwLENfTKSr1dDqY9DGKwHrD:oDVbK6kA+6B/d5rlUfTrDT6KwHr
Score

1^/10
behavioral25 behavioral26
- Target
  
  DotNetZip.dll
- Size
  
  233KB
- MD5
  
  6a8c8771bd399dd468595bab186c3e88
- SHA1
  
  df56e2573396ad8da5998c6aaf89c508f2060a85
- SHA256
  
  28d76d7ac169c5b71cca4e3073226f885a2f06720413a11e8db9b7fc08359462
- SHA512
  
  3e7a0e3b0b182e97e44504c4aa511065ea910a88e88ea849a5977f64dfd64aca6008815a6307e1d82a706b66811ddc5a1234b37c95a80e1a01feaa8b8fdc3d74
- SSDEEP
  
  3072:QXsFvbsM5ecgKXnukd2sn8Dhm58yEJEYkbQcHPoOFqvAvIMqUo1SccvdH8UfrxA6:tmE7gX22sGhs2JcjpIN9+8UfrOsWs
Score

1^/10
behavioral27 behavioral28
- Target
  
  Engine.Win.dll
- Size
  
  871KB
- MD5
  
  c905cf67539797d58a75b238201a1383
- SHA1
  
  500351c4c7151596c0c782a4e6de8495f5a3edca
- SHA256
  
  f5aea1bc55e102a2c3d0db554411531260ee04ca2eac6c256050fb2dfdd6b366
- SHA512
  
  49ac338b68dbafbbaf63a4994d093195a69f12b74dd4b0ba554f3ad9453d7e998b5328004b49be92f44b7f0aad2cda9bb4bd368ae60e7948d6c6ad2ac6cf093d
- SSDEEP
  
  12288:tL43XI03XQnigPCHS/cEYjKbs4OjQ/I51Pq6Cs6YAD/z+87thX:tkoIXQigPJ/clg5kr6s07D
Score

1^/10
behavioral29 behavioral30
- Target
  
  EntityFramework.SqlServer.dll
- Size
  
  566KB
- MD5
  
  4010a41e4730439275c00c358550393f
- SHA1
  
  572a2fb0526523e3669a53264fc51adac70c4ad8
- SHA256
  
  b4c39d8f0fb669e6e337c5f3138f6171b0905cf875a92b0e3253f33955b87b55
- SHA512
  
  5a554c85ea0222c9d96ebe24b2b0730c3974c59389e2fd0672ccd2c99f78b937bc4529151a24cc68357a308d3e9990f09eb854b05466538c422847d9849f84a9
- SSDEEP
  
  6144:frmoela3kPuG2p6GeqDmjaVmnSmr/u65oPWtduB6yHtYw:fvelMwu65oqs
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32