blackguard | 75b5599f00d4ef27851cebbbdab901b2761cf918cb44573492f22b73e3096453

Sharing

Copy URL

Twitter E-mail

General

Target

Content.Warning.v1.9.b-0xdeadc0de.zip
Size

450.8MB
Sample

240412-19zbkaac9s
MD5

1b9746a792b3c6a03f28ebbd9f369e7a
SHA1

5b3b80d76035b147880f71164b88985ab5e20f45
SHA256

75b5599f00d4ef27851cebbbdab901b2761cf918cb44573492f22b73e3096453
SHA512

8a502599b96367fbc97f4a2cd292f10e4f14c2eb1c5028888600bb027ae54ac6babdc495975e9a8f5e3a0024463573bbb77ff3c8d0b3fef5fc48cd535a21b497
SSDEEP

12582912:4qdFZJtWmAXuxr7uJ27ahBRV08ex+lFFOCvGoiT4bivDLzKU/:42FBA+xr7S/hBRex+NOCvmT4bS+O

Score

10^/10

blackguard

Malware Config

Targets

- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.PhotonUtility.dll
- Size
  
  11KB
- MD5
  
  261e30fc24ad6f8cbd7864237602e764
- SHA1
  
  f740d8b95f9611e59af3c55c9b434abe210b8495
- SHA256
  
  4b27115155a5ca7402ea7104069d3dddd9924322430759757165d864bc83f280
- SHA512
  
  047216e3bd41c0678148876800cbaa5b17ccfa7b3f764fe8c81b4352a2a137cadaf464357ffdffdfec4bae01b3a0621e750639f1e20d883bab9e5f024253571b
- SSDEEP
  
  192:llsLNzH7MmyE264V4m1yLH7SDR0frFvE65QKQy7IW1f+jNMu5SP2:fs86c4D82hXJ0Bv
Score

1^/10
behavioral1 behavioral2
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.Recorder.dll
- Size
  
  21KB
- MD5
  
  002db49cc8e091665f17bfc2092ab3ea
- SHA1
  
  544f200686dc90df1941a5b64f148a013ff22f6e
- SHA256
  
  28808f848512f14869a87f374604aff2cc918e48754ac660d10aee19faf27802
- SHA512
  
  340f5cbb4175ab1318ba5eaa22358f418ca2f4582b54c2e53761453ff97d029de9ab38bc0cf999a7f7c921ca93e21e4d91c82e4189f075757fb313dcf0b6a052
- SSDEEP
  
  384:T/8rzz/i1lykvQqzIl0s3Wwfu3zzNerPvFRQWr36jvHLQ+RCXAlbtqCdypAlr1Pr:T/8rz+BQq0l0s3Wwfu3zzNerPvFRQWb2
Score

1^/10
behavioral3 behavioral4
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.Settings.Runtime.dll
- Size
  
  17KB
- MD5
  
  0d65cde21aedfe36f56f278e0a0700d6
- SHA1
  
  1806cb8f0f77e48dc5df0433cc0eca594f588b48
- SHA256
  
  9407fd5883f72b25aa283f2e28626a07c3535e81dabcc65f934eb1859bbd7a44
- SHA512
  
  d8a6c9a1e4b06737ee409c277c0da036f83e1f27e75894ee3fee697bc16e723a117a9d094923069fc40220e9dabaebb093b4b59a9896206caef49daa4c60499f
- SSDEEP
  
  384:fv/i4FhEXZ054e6FrKqiCnKx7GSNCb83g:fv/iWh+0KXrKkU1NCb83g
Score

1^/10
behavioral5 behavioral6
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.UI.Runtime.dll
- Size
  
  15KB
- MD5
  
  7d519365b4b7b25abb5966ae8b4290ff
- SHA1
  
  02372b74c75296dbc8f3fe41d3c794fb37e44d6d
- SHA256
  
  2dab6049695495e924f6a580cbab2754f246e35a4f27090d87742fd7b5004d6a
- SHA512
  
  91c3794e4d23d19057766f1c6e147c5df3ae2c6a8ad0c6ad4b754b291009c72305d9ca302546b3f441ebba5d1317f1254b2224ea61a7b560163d086fe8e04d99
- SSDEEP
  
  192:Dr0tZyau5uHDMs3D6gTmIWcpJOCDgxck1ILlORLE5xf8j2bFOnWSusuqSGeMXi+P:Dr0C4Dx3GgfDo5P2CWjAzp
Score

1^/10
behavioral7 behavioral8
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/com.rlabrecque.steamworks.net.dll
- Size
  
  396KB
- MD5
  
  6ff626e156e61bb2f4b5257b8546fa1b
- SHA1
  
  b9ab52946adf95008668e1b2d359594b47636cc1
- SHA256
  
  04c9f19b44a0625c4c8067837deaa56636507108126a5243560d669d1e59a75d
- SHA512
  
  322abe099fba637b583f9e812283c971e78e6ee639f476947e87cb559d53cc48f3e437252e9b1f5d84cd6434ae997594868f8bffc31c8c5f703e17095eb238c5
- SSDEEP
  
  6144:VnWdgUHAxTGuQYu2KADuMUMvkbR6K+N3VAuuyJxEkA8//wZkAdKQVA:VnWiUHAxiu62KAKjghuyJ9wyAdKQ
Score

1^/10
behavioral10 behavioral9
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/mscorlib.dll
- Size
  
  4.4MB
- MD5
  
  c5d62cf1db04caa05e66eb96e928d1fc
- SHA1
  
  b46dc35ddbbe9dbcfde706786f484a93c498dd5a
- SHA256
  
  5f87104b87a097a881beb1d0352483b7c7b9db8eab1efb55850dfbd9e68d7b52
- SHA512
  
  89cb5584d64d8b27dda836ea89cf38b8206093b86c3b9532d29a17f5d0b0f37c1ba1bafb7fced0ddacf7b1f3772e9d293bc3fbf1423c73594df6a3a3478139a4
- SSDEEP
  
  98304:WvIAbMst0AH/NNAzzg/IwACSykiMYAldVUndZBlKj4Xl59xWIKWBCFzXjg1WUqSv:W5Yst0AH/NNAzzg/IwACSiwu
Score

1^/10
behavioral11 behavioral12
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/netstandard.dll
- Size
  
  88KB
- MD5
  
  c61967ebe7f07f6a5a1b3f91842bbc3c
- SHA1
  
  c2db6e7376977c5c7f17d816406ca70f95d8e1ef
- SHA256
  
  6ae62e082dc494a2433984177f60ca4db5fae69b1f360a8b33754172b310b8c5
- SHA512
  
  5e63289f67a2b5d436d192a6354444327c4939e854cdae82614950885265fcc76739219138f22c55171362b735169ed77e0699958b4960a909f6ec919ce3aa49
- SSDEEP
  
  1536:zsYKt7WAMU9UYk5f4bJUHGPdghpuSX5qUE7cLh9z+:3K4AMaUYm4bJUiIBh1+
Score

1^/10
behavioral13 behavioral14
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/pworld.dll
- Size
  
  124KB
- MD5
  
  19459fdf8486fd705a5bc8ba5b218583
- SHA1
  
  b94723e1eb85dfa8cb7cf381ab54d37ef9377d7a
- SHA256
  
  9a61cb0bbc9855f52a322222f260223abcbe447959bfc85c278630c498740cf0
- SHA512
  
  6db79d4c580fa7adce1a8689132c5de40f69c283f4a4529c084c6ff72c8ac55ea970857799fb8a39f2bf0997e8952524a50cd33ca21fcf7d6368bd167b6f176a
- SSDEEP
  
  3072:pkmiC6rGbNCYcpWhTduVGfCy7W6vKpgz:pcg5Pi6vs
Score

1^/10
behavioral15 behavioral16
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/sc.posteffects.runtime.dll
- Size
  
  139KB
- MD5
  
  b8692fbf54061f1f19efffa0ed668aac
- SHA1
  
  da747aa754c662cc74e07fe166fa217e6aeff3dc
- SHA256
  
  cc2246f9e6c47e2560d89ae94a969d59773e93182a123e29b81a9da07d03bd10
- SHA512
  
  911b5000e3c79cdcdd0cfedd5e3424f77baecf0676640486cd027b384924fd4aa0cc26da6009f56da2182a4aaad6f18af93aa3b53a18cded4c029de672907f9d
- SSDEEP
  
  3072:OaM+3JpA34Q6PhlAQ1h32QlarOMCCBtpo:rM+3uJ291h32QjVCB
Score

1^/10
behavioral17 behavioral18
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/websocket-sharp.dll
- Size
  
  239KB
- MD5
  
  9a493eae8b5d8c7b8e08cbbd6bf5d22d
- SHA1
  
  fad4ddd3abc55403440bb53f7f1b6b5bfcf15bd5
- SHA256
  
  e57b964eeb264945c4c133912a61fbbbb793d697b5cf76a5c4ac97341a2659b2
- SHA512
  
  04d1a73f08154d74e708705270cf933bf3d0633963775979fe14b826bf9ce2c7dbc08ab5bca773d56c8f754063238ac63e92a4caf686c7abab019de9d48b09ee
- SSDEEP
  
  6144:6dVbusKO+i3yaead2FB8hXgf+OuON/s5fPK5U:6dQsKOV3yaeaA8hXUN/U
Score

1^/10
behavioral19 behavioral20
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/AudioIn.dll
- Size
  
  142KB
- MD5
  
  c761d504977ccb55c1b98b3d171c3620
- SHA1
  
  88c98ff7224b267bfa7a3b06f9186ee2c78dde7c
- SHA256
  
  50f8407d6cd5625d2a8811885a1917989c92186e8106b1dad8e39cc4f7f9a62e
- SHA512
  
  9ff3e033e1505f1e9926e254296fb7ca82c298b6cf3e307408a09ba6b2d884abc8646e2ae64ddea1c5ffe1b329fc2d2f9a5998fcaeef464bacf1d12ae7d909a4
- SSDEEP
  
  3072:PYjZNWehiHilHJfqE+9Qcm58uqiWFfdVGLMwVF:igHeJSEqQcmjZxF
Score

1^/10
behavioral21 behavioral22
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/audioplugin_phonon.dll
- Size
  
  150KB
- MD5
  
  268704605dd3be389db0913e48037eb6
- SHA1
  
  d4bd4a55e2ca6eda2b9e533fdba2033da85fea09
- SHA256
  
  6c3c29163bbe127a9e4a37a11bbb0b48be30567e9de58dde0f939498f0c343cf
- SHA512
  
  e6c5fa56051dcfc2da52ac0db36f1a9607c8fc011f810be0d217e4fb5c48cf69c701d93dade579e830892b9d0bd459eb4ca5c041762ff03d88ca5c0adbe1db1e
- SSDEEP
  
  3072:9SvYicJgqfiRXf15L0yeEy7jiTOMld5A0HsMcrWw5:9QvqMP15QCy+5AaWWw
Score

1^/10
behavioral23 behavioral24
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/discord_game_sdk.dll
- Size
  
  3.7MB
- MD5
  
  a70393adb60ba6f2e55aef6e6fdd18da
- SHA1
  
  5bd9ad15ecf6a60f0a2ebccad8a890e792f0e021
- SHA256
  
  e95e8d46087b846396c340b299fc20295a9aa79e328d2265e45d05ddc8782a0e
- SHA512
  
  f0d66508699106008ae3296cf5b795ee83e99152267863bd4062321f2646ddfe99c9bd52922ab410aeba45b0a7c24c4f525bed6938dcf1a702c6d6edea74d13d
- SSDEEP
  
  49152:Er3bGelmX4fb86zSY14Bwc9yQkqdvca0psNH0MUpDWxjupPfHS2XSgRenP8H9cso:/t2Wano+vp
Score

1^/10
behavioral25 behavioral26
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/lib_burst_generated.dll
- Size
  
  416KB
- MD5
  
  7bce8a849a919e69a75de79d4ab30057
- SHA1
  
  c4f0ad92bec89704384c61c7d8adb45aa7a7d026
- SHA256
  
  fef0cd4f4c673f61d80adf00c89456fad03f8bb60fd88c9445566a4c92f4eea1
- SHA512
  
  76141aafd0c9115bab71dc02ba96d899deb0172683165607a82075fd819e002fa2935a0616f8c58993a57f25a90b7db5c0daf1134b4ad3d5fb5bd765af6b1d2b
- SSDEEP
  
  6144:oXC7n1NAENlp6yGvvNNVyrm3oZg8pCrrKsnnz1Y+Jv+scqzY30t8W0iD:uI1BNT6FNNU63eg8QrmGvg3DW0i
Score

1^/10
behavioral27 behavioral28
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/opus_egpv.dll
- Size
  
  430KB
- MD5
  
  8b45c7ec84adc6a071bf5837f1038cf5
- SHA1
  
  6bf74519b96558dabaaa219a83e7ebb97b59ba8d
- SHA256
  
  4f74f4a21512f4cc13bee08c043cf98e0a4c92c02d265283058a19f7c70d7ee7
- SHA512
  
  f960fb5ac6cb50e1dc17f9e2553c4c6fe305c7eaeb83f3d4a742854bbeefb029f2b8c9e4e813fc47eaa6f5a928ac612c48d893841aa3d0c7dc4f6f19fb2ba403
- SSDEEP
  
  6144:YdcYMYMqHpMAAv8ukEacI/fbPiKvF3Yo5CSiHxqLeLtMdA8jotLvznklujtyFoAg:WFVJ3df7wP58AVy9GvIbYoFo
Score

1^/10
behavioral29 behavioral30
- Target
  
  Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/phonon.dll
- Size
  
  18.8MB
- MD5
  
  cd91b994ddd3cc7c481c2f0ab7f3a207
- SHA1
  
  f46d79c14ad2131a8b4847932f4a7d2865b34af7
- SHA256
  
  b05be6a90062e4a76593ef2837d8bc03bb93c9296871975d4716e90460176834
- SHA512
  
  840220ff5e636a4f730da382f4122429fed0026da50699b36de4396280dc2f92862a44978650621c390699fbb2243c4296af37005ac9f7fadb59d68185c4a8a8
- SSDEEP
  
  196608:Y6TFOQVfXyKA6E95iWbYC21qVtG0c00MSz+fINiPJIezANEU7zNKr49L9tMgJTSY:d6ruktxc00MSzQINaJFoEUYr49x3+
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32