blackguard | 1a7e1dbc5b581983480ab7e941caa2fef0867dbf158a05afdb22a3bc97a4f735 | Triage

Sharing

General

Target

1a7e1dbc5b581983480ab7e941caa2fef0867dbf158a05afdb22a3bc97a4f735
Size

2.0MB
MD5

9b1452092551f69de62bd2901a890fc7
SHA1

e425f6a76b0a71938fa4713377598d8f3165f766
SHA256

1a7e1dbc5b581983480ab7e941caa2fef0867dbf158a05afdb22a3bc97a4f735
SHA512

f9bd83226d0927ab9d98bea8e720272fa779edfcbb0f7b3aefa76a6960e87f9cc2efe2a6108a2e9f285962318f6d8054c6cc89bf10e445933c145c3d6d2e73e7
SSDEEP

49152:1Tq24GjdGS0mrgBWBKH8jkDVFCNXODzWS9HfX0H0han:AEjdGSi+KH4kpc+DX/0H0W

Score

10^/10

blackguard

Malware Config

Signatures

Blackguard family
blackguard

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1a7e1dbc5b581983480ab7e941caa2fef0867dbf158a05afdb22a3bc97a4f735

Files

1a7e1dbc5b581983480ab7e941caa2fef0867dbf158a05afdb22a3bc97a4f735
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ