blackguard | 8d2d145dd23ab448123201d7775bee0fdf47a5b3a3c94bc92bc7969231dbf044 | Triage

Sharing

General

Target

8d2d145dd23ab448123201d7775bee0fdf47a5b3a3c94bc92bc7969231dbf044
Size

14.9MB
MD5

40e3f003dbfae97db8b3b4f3b4d55f4c
SHA1

0650e6a531c81ab965fd4ad1f8479a69f1d545e9
SHA256

8d2d145dd23ab448123201d7775bee0fdf47a5b3a3c94bc92bc7969231dbf044
SHA512

9cc5d9ab8655eabc80d9e56cbba2abebd64a4b1d81896888a7b86d0de2fd7bfcbf04348bff4c982472f22ab85f7d4ccb40da9138a70ca980bf995efc5f679c1d
SSDEEP

393216:LHGT0SHSky0WyNUHKoc8tQsvcsM+o4YkSbOTByWR:TGTNbyx9Hpc8astK7OIU

Score

10^/10

blackguard

Malware Config

Signatures

Blackguard family
blackguard

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
8d2d145dd23ab448123201d7775bee0fdf47a5b3a3c94bc92bc7969231dbf044

Files

8d2d145dd23ab448123201d7775bee0fdf47a5b3a3c94bc92bc7969231dbf044
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14.6MB - Virtual size: 14.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ