blackguard | 6ed2947e650e5ad69147353915a0e8fd5852b4c0ab19e595d22ef85b3f20bab2 | Triage

Sharing

General

Target

6ed2947e650e5ad69147353915a0e8fd5852b4c0ab19e595d22ef85b3f20bab2
Size

25.9MB
Sample

240229-bq6tvsaa8v
MD5

e202ad09f1379c3a669ab782972854f0
SHA1

e6d72d3af938f0b49b34c802e77ae8e24dbdab4e
SHA256

6ed2947e650e5ad69147353915a0e8fd5852b4c0ab19e595d22ef85b3f20bab2
SHA512

15cb0281efdc22968944a513493dccb887bcd60e4fc265438da4ac2b04cdb0e02c54c4952fdf362d6c18ee035aca2fedc01cc2a8ae2fd88038d3044c3486a7da
SSDEEP

196608:nXM5XB5CMhUyhdvjYGETJRCeJGkqXZS7b5LlKoq8WF2MmPOKp:n4DCMhUyh5jFET/cC5LlKoq8ZMmL

Score

10^/10

blackguard persistence

Malware Config

Targets

- Target
  
  6ed2947e650e5ad69147353915a0e8fd5852b4c0ab19e595d22ef85b3f20bab2
- Size
  
  25.9MB
- MD5
  
  e202ad09f1379c3a669ab782972854f0
- SHA1
  
  e6d72d3af938f0b49b34c802e77ae8e24dbdab4e
- SHA256
  
  6ed2947e650e5ad69147353915a0e8fd5852b4c0ab19e595d22ef85b3f20bab2
- SHA512
  
  15cb0281efdc22968944a513493dccb887bcd60e4fc265438da4ac2b04cdb0e02c54c4952fdf362d6c18ee035aca2fedc01cc2a8ae2fd88038d3044c3486a7da
- SSDEEP
  
  196608:nXM5XB5CMhUyhdvjYGETJRCeJGkqXZS7b5LlKoq8WF2MmPOKp:n4DCMhUyh5jFET/cC5LlKoq8ZMmL
Score

5^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2