blackguard | d91f6a24dd9b66fd660c6676cf8e4a7668ed1a01df265ef4e231f28fa12f88ae | Triage

Sharing

General

Target

d91f6a24dd9b66fd660c6676cf8e4a7668ed1a01df265ef4e231f28fa12f88ae
Size

14.9MB
MD5

84f635301827ab3d3184ea269aecc61b
SHA1

0afc80859bf35eac45885bf53cae35c58631f1b8
SHA256

d91f6a24dd9b66fd660c6676cf8e4a7668ed1a01df265ef4e231f28fa12f88ae
SHA512

e0276ab70dac596a650417d02f5fdc29a460569882cafbbd12e063cf34ad185250734c5ace7d71e5551d897cf5dfe524a705d1a3e800a4c84c8591082b34aae0
SSDEEP

393216:WzGT0SHSky0WyNUHKoc8tQsvcsM+o4YkSbOTByWR:UGTNbyx9Hpc8astK7OIU

Score

10^/10

blackguard

Malware Config

Signatures

Blackguard family
blackguard

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d91f6a24dd9b66fd660c6676cf8e4a7668ed1a01df265ef4e231f28fa12f88ae

Files

d91f6a24dd9b66fd660c6676cf8e4a7668ed1a01df265ef4e231f28fa12f88ae
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14.6MB - Virtual size: 14.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ