blackguard | 7a75c2c9695157772541cd426d057ff382d011a2791bcc3e511d94592ab0dbb7

Sharing

Copy URL

Twitter E-mail

General

Target

TotalAV.malware
Size

53.8MB
Sample

240506-v5kdysbh4v
MD5

b736a845b8adfe0742a94c891a2757ac
SHA1

e3779a453d51caa767dba6282fed486738e50032
SHA256

7a75c2c9695157772541cd426d057ff382d011a2791bcc3e511d94592ab0dbb7
SHA512

9f6ba59bd27e152301f8ce3333b0ee49f09c9779b1c41ff2923d9e2ee01519ebc14d270d43f39dce48afc17a7b0829a36bf285c8514efb41cedfe0cf0b3c6314
SSDEEP

1572864:j8laJM6aR4falBhcz6SL189kXej1e/33NnsC2/f5ZKt:jdJM6aR4ymzvKkS1Q33/2/RZKt

Score

10^/10

blackguard upx

Malware Config

Targets

- Target
  
  TotalAV.malware
- Size
  
  53.8MB
- MD5
  
  b736a845b8adfe0742a94c891a2757ac
- SHA1
  
  e3779a453d51caa767dba6282fed486738e50032
- SHA256
  
  7a75c2c9695157772541cd426d057ff382d011a2791bcc3e511d94592ab0dbb7
- SHA512
  
  9f6ba59bd27e152301f8ce3333b0ee49f09c9779b1c41ff2923d9e2ee01519ebc14d270d43f39dce48afc17a7b0829a36bf285c8514efb41cedfe0cf0b3c6314
- SSDEEP
  
  1572864:j8laJM6aR4falBhcz6SL189kXej1e/33NnsC2/f5ZKt:jdJM6aR4ymzvKkS1Q33/2/RZKt
Score

4^/10
behavioral1 behavioral2
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aebb.dll
- Size
  
  70KB
- MD5
  
  f81983581bdb64f2b9234ad881b9c7c1
- SHA1
  
  a12e1674498d3859f5e867d1c958b3a72047bf62
- SHA256
  
  cbcf727bb8b75864509ca1c7d68d4ef51d64a18b15b3e1145f94cd50f29746cc
- SHA512
  
  03fa42f9fc249be0c2269a076ec95b50e7d323587f5b1b4325549dd010eb2500b0ef8713d1e40c99a6de89abf30a3fc8a01b2d9f77bf224b5a51b2826bb53754
- SSDEEP
  
  768:9YYeKlKHPrmWYGQvredEzQiWidVtj44H6Kd3SVI2HAK2P3hh+:3PGQvrd5LtxHZcHgKW3hh+
Score

1^/10
behavioral3 behavioral4
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aecore.dll
- Size
  
  281KB
- MD5
  
  3aade81602e5fd66d24b28a8f4d0edf4
- SHA1
  
  023193e6b32112153ed8addbbf8c2feb7684d379
- SHA256
  
  cef4cf51942dc337a371d3487ee87e9e2e9b2c82a34fa9b81d7beecd9e56810e
- SHA512
  
  08cf9bd46da4a231675bbe7716e71dc25326d8b4238cab9be28c04895e86d27ae2430be0b94a7fbe1c61a35c9d39d2c95eea283b254eb776b8ccf655638f3a7e
- SSDEEP
  
  3072:hs7523SuHq0Qx10YXQySzjqQPel7k3hGd5WKSGAL9M+OgMTZFXGH2tLg+Vc:hLbHqhx7QhqQPKky5WKSdLOaUz7u
Score

3^/10
behavioral5 behavioral6
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aecrypto.dll
- Size
  
  138KB
- MD5
  
  77c7aed77a8358f1852328ba89c68e64
- SHA1
  
  597abdfa4738ee304f4bb049e822850918a5ddf1
- SHA256
  
  5ef4587c5e57c4b54c321e715907c56d73ace1ef727abf3f6ae52aed644485ef
- SHA512
  
  7156b8d0588bf43986582e853bcf29abc2d6cd03a957270e2c3d555744c1c82ac22420a0b036716cb954fd1d84fc86d35d8dc951d876d7fd2b0349ed8237a226
- SSDEEP
  
  3072:0dQdHHx1InHeIHapjcRa09MHapjcR7Rflj3owtq9dhT+LA:NdHH/IHlHap4RMHap4RbWKLA
Score

1^/10
behavioral7 behavioral8
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aedroid.dll
- Size
  
  2.7MB
- MD5
  
  465282f73c5bf55c9f91e01e8cca14f0
- SHA1
  
  b141c74c85e8b87591dfa883680e9588e00c5a61
- SHA256
  
  008d570142dec8cd337fe28216a122fad8e52f8eafa564729e146f1572d7a97f
- SHA512
  
  89ba2743948b5ee9cc0f375b89167d64abf5bad838777b3c179c9606df5252cca0da2830cf6c75d6a4437397dfc80c09551f6b3925a8045489652c02e6ed1645
- SSDEEP
  
  49152:jyoyI4rlfff/MtGcMnrjD4LTQXJfRI14Ka8eGAp7dp9sCais5jDY5rGjS/QzP+gv:jyoyI4rlfff/MtGcMnrjD4LTQXJfRI1h
Score

1^/10
behavioral10 behavioral9
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aeemu.dll
- Size
  
  411KB
- MD5
  
  a77547ea30c7e99dbf395e2135d5ee55
- SHA1
  
  2383bfff89a586aae2a4e99072b5b740d7115240
- SHA256
  
  daf4f56cffc30b604d238df30e96332dba84447399597cc7bfb94ab02cddec63
- SHA512
  
  ab99353214ee63b3d89dab90722fd4026f76959e7e96085ac93a457f53df9378bfbd35ec33bf7aaee0870d0a7b8ecff4601b5b360465a60d10591204cf953eef
- SSDEEP
  
  12288:ATDo2ZqPL80e/tkut8TNPpCXKQN7f4w8TMf5DTCi5xSfkpW+KV79mgAs3n5GPo:A/o2ZqPL80e/tkut8TNPpCXKQN7f4w8f
Score

1^/10
behavioral11 behavioral12
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aeexp.dll
- Size
  
  394KB
- MD5
  
  8ace5e4e409b42940145bf1859463791
- SHA1
  
  7a0ff7aad25a802f36a70f4936b699042421f52f
- SHA256
  
  5114b2b29aa5ee2e3bd8eb2c52a9f75e2749a7933f59ecdcb3898d694f015fac
- SHA512
  
  7049df679deb104110d9188de2a46ffee0ebaca5b3526c7cc66546995c5494caaed3b2152a8943de7c2a9fb5efa8f4309a7bd94390956a206b82969a221592d8
- SSDEEP
  
  6144:Yz1XwJegZMXkALf8EnDx8L+rN0QmwAdWy9kvTZceYD+Pzb8ljBg0kS:CIZ6DWL+rNmjYy9BeYbPz
Score

1^/10
behavioral13 behavioral14
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aegen.dll
- Size
  
  718KB
- MD5
  
  a572a2f67a845e1a6bea336ea5dad9a3
- SHA1
  
  7fc49d3d3da6f4ec047397c8a3f0097453859999
- SHA256
  
  c4d2e5f648644e85412cc619691d949c2933a74b64c190ec7df0ea5c9e7138f8
- SHA512
  
  f940adf670c3c51f17aa62bdeaf6bc5f8cd3e0b9b24b1167f6a8a63cb03573935c974688bee440b3636b7672806e63034309c13d97e5e17fceddc15fbbd00cc3
- SSDEEP
  
  12288:9JzLbloGZFABTYFuym1Fp5NqAZVmW0/dvswwtZeQ82wR1fYl59yDV:fzLbloGHABYEym1Fp5Nq6GdUwwtZeQ8H
Score

1^/10
behavioral15 behavioral16
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aehelp.dll
- Size
  
  295KB
- MD5
  
  4fd11be4967e66290090f0acbb402e09
- SHA1
  
  bdfe8f35e5dc8044e64850496c7f45d30327519c
- SHA256
  
  f4cca57e7310c76ee4741132e5391089f4182caa0c13dad46c2e04022fd83cad
- SHA512
  
  f9726ebace35fc1371c9eb0967bd1e834c413adbdce50815ab7d28deaf65c9170f879920ad703dcc524fde34cef8dad30818548ac4b7b04d54d11c3b9c07ce7b
- SSDEEP
  
  6144:Zg6abREzUxcSgulWoteQYMLIWlaDhDLVH:O69zPFglksadDBH
Score

1^/10
behavioral17 behavioral18
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aeheur.dll
- Size
  
  10.5MB
- MD5
  
  fb16fceb4abdbf6d8f1be151924fcd73
- SHA1
  
  a56c60a6efe421aea7b4710c200a79f1c353a74f
- SHA256
  
  fe0b17e2e99676be58fbdd69b3a15eb172d81cbf701e894ad1ac42773cf24b75
- SHA512
  
  08f88e9c49853a9fb42fdd7a7567c5a74c8819115fa5639facb89a5a9d7d2a215187f8a32436ca5a94f14372921944ac391998b7acf50fb33a18073c6b5bd018
- SSDEEP
  
  196608:3BhXYuuLuywlMGdXSCOeVNluvHsxicIiSRvHqPCvlgIScOW6wjNc:kfJV/OWM
Score

1^/10
behavioral19 behavioral20
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aelibinf.dll
- Size
  
  78KB
- MD5
  
  b871e50964730df56ba2782bcff46d97
- SHA1
  
  c50a71ed3cbd0c3a362b34d80e69260cfa67f1f8
- SHA256
  
  00da20e602fa16db217f0e947e810230bd9ddf859b902d32d9c1fde813be9f33
- SHA512
  
  478f05df9dde5950b211ab3ceb14391352114d75de3abf80070ffe569bcd7b32f930f28321b9667b72933955db2f366f03892cef130780990ef85f438019ec2a
- SSDEEP
  
  768:VVH0SGm8JSMfeHbSUSGE3MSE+RenTksudO6mlGDOtnLiG0VtnDI37XKd0YI2HAKq:VVXUeHbxv89suQlAVtDD0YHgKvghR
Score

1^/10
behavioral21 behavioral22
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aeml.dll
- Size
  
  327KB
- MD5
  
  31431daa0b4bb2f33ff415bedd517b11
- SHA1
  
  08598b23bd6122b6b958c114fc8c744372a8ab4f
- SHA256
  
  22f99e51c3f7a3440e92fedaf3a0c97cd24ba47ab495a66df5eef75d9fd383f5
- SHA512
  
  8fa026b51389e26218a0bd27cb025c719a780a007cacce05ffd8f87c1868b60959a96e0e77896cea4006e53b283b98db85afd4e6c212ca8f909624b9335439f2
- SSDEEP
  
  3072:EucnoFbHj9uP+SZ+cFl9miuumYytVhyNOtU4G0KRV:HCP+Vkl9fnYC+dOV
Score

1^/10
behavioral23 behavioral24
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aemobile.dll
- Size
  
  353KB
- MD5
  
  ae3587d21cae5d74e438ee2492f65e72
- SHA1
  
  513ee522fb8e64312e99f1cc0b224bb315178532
- SHA256
  
  5096c9ab09e878d06596a20192d9b22ae7432bc660c8f4d8a24ea5daec509baf
- SHA512
  
  862e65c9122aa3f4d3155e995f586d13a93c5ccfaed6e637f34b5847bc178b80c9da51b9d9e3c3b03d61538ead7ad7ad03ab19e94a62f420da2ac62b7ceb060f
- SSDEEP
  
  6144:8NO19B3fnj21PJQs545pFFpMvqW7yCpPi+W25La9lIgUyff:8gvnj21Px5Ewq8LslF
Score

1^/10
behavioral25 behavioral26
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aeoffice.dll
- Size
  
  790KB
- MD5
  
  ade1cd616758d98b6940bff8a327c719
- SHA1
  
  899e7c2ba09039056b17d2bba0ac87cd2a60c224
- SHA256
  
  1c2a0d870f46575dfece1758809ac4d7f5e37fdb945a874512f99f275c4d2bc0
- SHA512
  
  ad3249022c85851dadb717b0d1249b02eff89002004b98afa56c48b8c3d4de84a3345e0db95d387aef467bf80fb9250c9d73b580092b480bd96210e939535cd8
- SSDEEP
  
  12288:y8AvzivsdXkMME5zFVtuEDJvv01s+uUoTrTPe6sT54c:bkGvsdXdxp61s+uUoTrTPe68
Score

1^/10
behavioral27 behavioral28
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aepack.dll
- Size
  
  837KB
- MD5
  
  2d7f4f6b862c67d29f9acede3f87cf62
- SHA1
  
  cb205c9ab69ce9b11fd404c82278254e039391fd
- SHA256
  
  04936e1a579464228b0a04fe9b9808a2c94d60fd8f968261f8576ffb48ab8140
- SHA512
  
  075501cd6a482b47b03c1c113246b3d9ed109966d9d944cc32708e60c4bdeddde562921f897a952341c9106b0794685d6638bd4505340b8079e75f0ea0bd5045
- SSDEEP
  
  24576:atz1KXoXhoY6pJ1LTwV969rMB0u604dHcUKP1Y4:atBBepJ1LH9BuxK0B
Score

1^/10
behavioral29 behavioral30
- Target
  
  $APPDATA/TotalAV/updates/SAVAPI 8.0.0/aerdl.dll
- Size
  
  1.2MB
- MD5
  
  9b6b3cada9669f3b17ff9368f5f42148
- SHA1
  
  17a644be4542753bcebae09bff342c6e70e425cd
- SHA256
  
  f15ddc02864fce89707ec58b1f50ee5ab31be563da15d9d0e10c21746cb5f9cd
- SHA512
  
  3da00167dea05a34897ad17c236591b6dcb48bccd37ef2e29c52d15b8f5dd52cc53fe136129aab43ca39f2e5729746724ab9d4854cb021c298490a7c0ee5cc1d
- SSDEEP
  
  24576:amhFd3CHwCtScxrfKeDhYthlw/9X91UeF/0xR/1WoTikWa8a9gEng:2wCt2i/fmYQtDD9gEg
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32