blackguard | f901897651c050ac26c08a8ec876f7e2731a54de5546f21178e9aa37c8f68e4d | Triage

Sharing

General

Target

f901897651c050ac26c08a8ec876f7e2731a54de5546f21178e9aa37c8f68e4d
Size

11.0MB
MD5

5bb1f27c3b2c61517c1a2203b4e3fc10
SHA1

304853247d775faacafbb2334bdd3e8abe0f35d7
SHA256

f901897651c050ac26c08a8ec876f7e2731a54de5546f21178e9aa37c8f68e4d
SHA512

4a937b7c71e4a1a89600409e6c6e0ab304cd5d956c36385697c659af36d2c8c61ef8bd2057fa7a97ee75032ee93f999349682680187d7c69a9a3f3da0f6df3b7
SSDEEP

196608:HjhTswJC7r5tQYdX3oCcm4EXLquG+og56QYkSIABTFXORGIBWRLVwRQ:HNTk7r5tQsvcsM+o4YkSdOTByWR

Score

10^/10

blackguard

Malware Config

Signatures

Blackguard family
blackguard

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f901897651c050ac26c08a8ec876f7e2731a54de5546f21178e9aa37c8f68e4d

Files

f901897651c050ac26c08a8ec876f7e2731a54de5546f21178e9aa37c8f68e4d
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10.7MB - Virtual size: 10.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ