blackguard | aa2fb920352511eed5e9f733bd4432ca77bb6705a5069a390fb0e9f428e13206 | Triage

Sharing

General

Target

aa2fb920352511eed5e9f733bd4432ca77bb6705a5069a390fb0e9f428e13206
Size

38KB
MD5

3f3a0122f855a6f226b3b22bf5799bf8
SHA1

a026849e2948a399ab2493ff9eff62422a977aeb
SHA256

aa2fb920352511eed5e9f733bd4432ca77bb6705a5069a390fb0e9f428e13206
SHA512

4885321c2e96147a782613ceec1339295f1731f62f802dd3fd8159b7aa827466cda2a84b27b2ec4b2e4fb714ea00ef16a25825486b7f93d9e556767bc2a8446e
SSDEEP

768:gz8sG8thLDPP5w52PcHxYW3A89dRtr/F+sd/fmg:YhLTuIyp95kstfmg

Score

10^/10

blackguard

Malware Config

Signatures

Blackguard family
blackguard

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa2fb920352511eed5e9f733bd4432ca77bb6705a5069a390fb0e9f428e13206

Files

aa2fb920352511eed5e9f733bd4432ca77bb6705a5069a390fb0e9f428e13206
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ