blackguard | a831ab76dcd785734393b7f95d84a7ac6682823bcd4886560b2b4c1782b82709

Sharing

Copy URL

Twitter E-mail

General

Target

a831ab76dcd785734393b7f95d84a7ac6682823bcd4886560b2b4c1782b82709
Size

10.0MB
Sample

240130-cm8pqagfgm
MD5

cf869f7c2b2a2794d10b7ce6fc46a2ef
SHA1

3623b62dedf73d60e902971f91d798b5fff92f79
SHA256

a831ab76dcd785734393b7f95d84a7ac6682823bcd4886560b2b4c1782b82709
SHA512

a3e16f5e51538762b198b155bdaf9d9edcc1a3cc0ad1f49d119eb22d43886295ffc196c4b142834d3b2c7d2235ab1c6eedfab55cae9bc5fff568562888bb9679
SSDEEP

196608:6/PN6s6e0FBEJbrGg0eXqGrN6rh84uk7mjRG6QhKCDRttKWdD:8Pr69BEJBfrrkqOZDRXKW5

Score

10^/10

blackguard

Malware Config

Targets

- Target
  
  a831ab76dcd785734393b7f95d84a7ac6682823bcd4886560b2b4c1782b82709
- Size
  
  10.0MB
- MD5
  
  cf869f7c2b2a2794d10b7ce6fc46a2ef
- SHA1
  
  3623b62dedf73d60e902971f91d798b5fff92f79
- SHA256
  
  a831ab76dcd785734393b7f95d84a7ac6682823bcd4886560b2b4c1782b82709
- SHA512
  
  a3e16f5e51538762b198b155bdaf9d9edcc1a3cc0ad1f49d119eb22d43886295ffc196c4b142834d3b2c7d2235ab1c6eedfab55cae9bc5fff568562888bb9679
- SSDEEP
  
  196608:6/PN6s6e0FBEJbrGg0eXqGrN6rh84uk7mjRG6QhKCDRttKWdD:8Pr69BEJBfrrkqOZDRXKW5
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  21KB
- MD5
  
  2b342079303895c50af8040a91f30f71
- SHA1
  
  b11335e1cb8356d9c337cb89fe81d669a69de17e
- SHA256
  
  2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f
- SHA512
  
  550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47
- SSDEEP
  
  384:KOoVVefeWsI7rsIquPLNN546o0Ac9khYLMkIX0+Gzyekv:4VVaeE7wIqyJN5i
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/SysRestore.dll
- Size
  
  5KB
- MD5
  
  da046184a8d7269a0e138b0b0b9b2eb5
- SHA1
  
  d9bc5ea397857e17a86f80df1e50615eb6859044
- SHA256
  
  c5e335bd19fa798f120287fe3ed920296f899223942fd6b987585a765f0adec2
- SHA512
  
  9ee6965ac931839a5d61b4ed64bb3bbf434dfd10ff086c38a998ec6714018b5491da7e5c29e4f7dd7fd4a93b2f285869b20f88b4b0194c9ba7824ff7c9f03c80
- SSDEEP
  
  48:S5SjUZmikqTB1By5B6UBQzcszn3x3YlE41tq9/Iye:ASOz5ns4UeI2B3Z41tqlc
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  fccff8cb7a1067e23fd2e2b63971a8e1
- SHA1
  
  30e2a9e137c1223a78a0f7b0bf96a1c361976d91
- SHA256
  
  6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
- SHA512
  
  f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
- SSDEEP
  
  192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1c8b2b40c642e8b5a5b3ff102796fb37
- SHA1
  
  3245f55afac50f775eb53fd6d14abb7fe523393d
- SHA256
  
  8780095aa2f49725388cddf00d79a74e85c9c4863b366f55c39c606a5fb8440c
- SHA512
  
  4ff2dc83f640933162ec8818bb1bf3b3be1183264750946a3d949d2e7068ee606277b6c840193ef2b4663952387f07f6ab12c84c4a11cae9a8de7bd4e7971c57
- SSDEEP
  
  96:o2DlD3cd51V1zL7xqEscxM2DjDf3GEst+Nt+jvcx4T8qndYv0PLE:o2p34z/x3sREskpx4dO0PLE
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  09c2e27c626d6f33018b8a34d3d98cb6
- SHA1
  
  8d6bf50218c8f201f06ecf98ca73b74752a2e453
- SHA256
  
  114c6941a8b489416c84563e94fd266ea5cad2b518db45cd977f1f9761e00cb1
- SHA512
  
  883454bef7b6de86d53af790755ae624f756b48b23970f865558ba03a5aecfa8d15f14700e92b3c51546e738c93e53dc50b8a45f79ef3f00aa84382853440954
- SSDEEP
  
  96:pBNUBGfVwhcAlhPRJAixx+3eDEsgcBbcB/NFyVOHd0+uisX4:qBGfV5AlJJfFgcBbcB/N8Ved0P
Score

3^/10
behavioral11 behavioral12
- Target
  
  API-MS-Win-core-xstate-l2-1-0.dll
- Size
  
  12KB
- MD5
  
  5f11b9bb427753bdae6d312a02c516f9
- SHA1
  
  6fb327e5a64a94c2489f3a82999b7d60babb228a
- SHA256
  
  4879fe3ea58d853f21658aefc5e8b92b7e6333d77c0af31a6bf9ff769475f6fd
- SHA512
  
  09a317ecb7d83f1aa2d06e65371513ae770c9df4691b5ad3d50918e4bfacf1635fafaa43ada4efd5d23c448a7eb80675baecccb3ca9dbbfba4e829248a5bf466
- SSDEEP
  
  384:9cf5b+W1hWx7HRN7izd72vH3rPR9z/gtP:uf5bVGic3l9zM
Score

3^/10
behavioral13 behavioral14
- Target
  
  Accessibility.dll
- Size
  
  10KB
- MD5
  
  1b4cc6782e295675217cd17df70057f3
- SHA1
  
  f468087e7fbaa5aeed1fc41062b198570ae017e3
- SHA256
  
  f08bdbf797dfdbbde37000fb29141caec4beb4dc0f552ab2cfe0887e1e6c5f60
- SHA512
  
  05289e9514d173694a1e15dc5228976c963572353c78412bc79bdc933ae89df08e889736232c6240e4fa1e8f26689cb4eeae4a83aa9e333a6d1882b8b857a8fb
- SSDEEP
  
  192:qN1WRFlDWlolDWlIJh2ICtMBYY5IQY2xLnG63etbTWm/W:+1UlqlolqlIWGPISLGptXWm/W
Score

1^/10
behavioral15 behavioral16
- Target
  
  AviraLib.dll
- Size
  
  1.0MB
- MD5
  
  3f8ae290194e30366e28fdc6bba361dc
- SHA1
  
  da03cd90422cd26ce2fdfb20f2345afd9f75f3db
- SHA256
  
  3f1485ce848ed572de29a6633073eb61aab22cc32e4a3f20de3f035012b7356d
- SHA512
  
  6a58e6d23bb4389ddecb693ac5aa89653d1fe28f4b6cf0619a3237eeff0d6503bfc96687c4faf308216deebb83bb4097184866d91d36d9a9490ab8c59242f8cb
- SSDEEP
  
  12288:BquZ72AyO5lpt5dFjTMrEtZZwem1ajAHOGeVy+BIRwcls9P5m6wYnKoPyJ:Bq4yAy8lT5d6oVjj/8Hls9P5munmJ
Score

1^/10
behavioral17 behavioral18
- Target
  
  BouncyCastle.Crypto.dll
- Size
  
  2.3MB
- MD5
  
  9d34c40df4c87e378bdb0a3ebd36bfc2
- SHA1
  
  5c110a3a90e792270b44e3e3f6cf31bdd9020295
- SHA256
  
  e7c9e901e6d927778938d3ee5d183dce495d6b6eb2a89242a700afe25d921cf6
- SHA512
  
  51eea2113ac5acfd553b3e0b35390c38323218de55fd5b8abc8cf44bd0445df84eaf9349b52491737aa826ce76cfc2fe5eb5aaa60413cf376b4479ff21a19339
- SSDEEP
  
  49152:2brsw7nZ8pRbkwLdPkSAu5LdPkSAu5LdPkSAu5LdPkzkHi2LdPkSAu5LdPkSAu51:U8pRbx4kg1qA4
Score

1^/10
behavioral19 behavioral20
- Target
  
  Branding.Desktop.dll
- Size
  
  23KB
- MD5
  
  03b64c991144e8b366d5023a19f2acb7
- SHA1
  
  326c3cb488036754e8598a9200f0795a96a317f1
- SHA256
  
  b7df3656e162b87b3ca044832d50a8d62ab30248663572dc64a00e7658f15f70
- SHA512
  
  972c5832a2b5e091c95c86a8e46a38448ebda74ed64d0ddcf68437cccfa42f8aeed045f9b621ef0559e0e497513abc68b96fdfc8fbc26f8c9bc78eb44193e3f3
- SSDEEP
  
  384:lhPZBx2Y3p1iS90bIqElZzHoNZsHL0tkI4AM+o/8E9VF0NywBJn:bBL2Gp1i7bIJPVmkI4AMxkEgt
Score

1^/10
behavioral21 behavioral22
- Target
  
  D3DCompiler_47_cor3.dll
- Size
  
  3.9MB
- MD5
  
  5e717c95808bcb5f654bb312d289b837
- SHA1
  
  c69448eafa40e35424744c28e68cf69ce11a3d97
- SHA256
  
  e745872db4dd114a65ee1504f401ea26d879edb6614e369a07a80ce7ad1950ca
- SHA512
  
  dc5e6ee0c8fe22897009060821b18bf2f7d0317d30682f7fa84a4c1889358c152d84d22ebe57d0ec8ccc1be8714bce6b1257d30671b8d0fea88309bbd137b8f0
- SSDEEP
  
  98304:q4czLWVMYHItqGZ5CNjEhrZ0T2S1kHn8:qMpGZ5CFEh10TD1kHn8
Score

3^/10
behavioral23 behavioral24
- Target
  
  DirectWriteForwarder.dll
- Size
  
  468KB
- MD5
  
  a36d73301123334adc95e034b327daad
- SHA1
  
  cb4bd930cbe2c930d665dd4467e8b88815de8c1d
- SHA256
  
  440c95dcdbe402d843095649773d1fc6da5d035802dd540ce29c71bc915d433b
- SHA512
  
  438abf9aa1c00bf1f3e9ec7e9ac6bf5d89c492d68301044ba7fb205d3c5d34aae4940893eff721b91696de4c782a8a3558cdb39955943e350361639893ef3393
- SSDEEP
  
  6144:eTDF2kb51CJfk7g9wSikA+6Bl5f7d5rBkwLENfTKSr1dDqY9DGKwHrD:oDVbK6kA+6B/d5rlUfTrDT6KwHr
Score

1^/10
behavioral25 behavioral26
- Target
  
  DotNetZip.dll
- Size
  
  233KB
- MD5
  
  6a8c8771bd399dd468595bab186c3e88
- SHA1
  
  df56e2573396ad8da5998c6aaf89c508f2060a85
- SHA256
  
  28d76d7ac169c5b71cca4e3073226f885a2f06720413a11e8db9b7fc08359462
- SHA512
  
  3e7a0e3b0b182e97e44504c4aa511065ea910a88e88ea849a5977f64dfd64aca6008815a6307e1d82a706b66811ddc5a1234b37c95a80e1a01feaa8b8fdc3d74
- SSDEEP
  
  3072:QXsFvbsM5ecgKXnukd2sn8Dhm58yEJEYkbQcHPoOFqvAvIMqUo1SccvdH8UfrxA6:tmE7gX22sGhs2JcjpIN9+8UfrOsWs
Score

1^/10
behavioral27 behavioral28
- Target
  
  Engine.Win.dll
- Size
  
  871KB
- MD5
  
  bb990ed0f78c4433bf95088be4429a75
- SHA1
  
  5583889c284392f007cc2d352b218dd7e42db029
- SHA256
  
  549153cfb08aabeea212d004431ef710e922aebab79d14aaa6db53a42993293b
- SHA512
  
  621784d2fb5fd9832679628b59c3a790db35608e1c324ff96d098b100f16b53115b7da8556376ffe8afa1f3d29310d718fbb480f4dd0aa0eeefcfc243d8e41e3
- SSDEEP
  
  12288:CL43XI03XQnigPCHS/cEYjKbs4OjQ/I51Pq6Cs6YAD/z+87thG:CkoIXQigPJ/clg5kr6s07q
Score

1^/10
behavioral29 behavioral30
- Target
  
  EntityFramework.SqlServer.dll
- Size
  
  566KB
- MD5
  
  4010a41e4730439275c00c358550393f
- SHA1
  
  572a2fb0526523e3669a53264fc51adac70c4ad8
- SHA256
  
  b4c39d8f0fb669e6e337c5f3138f6171b0905cf875a92b0e3253f33955b87b55
- SHA512
  
  5a554c85ea0222c9d96ebe24b2b0730c3974c59389e2fd0672ccd2c99f78b937bc4529151a24cc68357a308d3e9990f09eb854b05466538c422847d9849f84a9
- SSDEEP
  
  6144:frmoela3kPuG2p6GeqDmjaVmnSmr/u65oPWtduB6yHtYw:fvelMwu65oqs
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32