blackguard | 84d783d45b12cf854e06de7743ef1c94e70f92a81604daf9685abdd44aefeb3f | Triage

Sharing

General

Target

84d783d45b12cf854e06de7743ef1c94e70f92a81604daf9685abdd44aefeb3f
Size

25.9MB
Sample

240419-bwdp9sdg91
MD5

a8fed77602acc9394bb6808c02e4b560
SHA1

88df703c23786054f63c76fd8f929e755c0daecc
SHA256

84d783d45b12cf854e06de7743ef1c94e70f92a81604daf9685abdd44aefeb3f
SHA512

cc5fce05c88dbae72f3e0da9114fd40fb765568c7bba27c7aafc414921beef04ee2145f34ed2490424b3e876b13f552edb1ad35993eba84e82546f6c2da495b0
SSDEEP

196608:vXM5XB5CMhUyhdvjYGETJRCeJGkqXZS7b5LlKoq8WF2MmPOKz:v4DCMhUyh5jFET/cC5LlKoq8ZMmt

Score

10^/10

blackguard persistence

Malware Config

Targets

- Target
  
  84d783d45b12cf854e06de7743ef1c94e70f92a81604daf9685abdd44aefeb3f
- Size
  
  25.9MB
- MD5
  
  a8fed77602acc9394bb6808c02e4b560
- SHA1
  
  88df703c23786054f63c76fd8f929e755c0daecc
- SHA256
  
  84d783d45b12cf854e06de7743ef1c94e70f92a81604daf9685abdd44aefeb3f
- SHA512
  
  cc5fce05c88dbae72f3e0da9114fd40fb765568c7bba27c7aafc414921beef04ee2145f34ed2490424b3e876b13f552edb1ad35993eba84e82546f6c2da495b0
- SSDEEP
  
  196608:vXM5XB5CMhUyhdvjYGETJRCeJGkqXZS7b5LlKoq8WF2MmPOKz:v4DCMhUyh5jFET/cC5LlKoq8ZMmt
Score

5^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2