blackguard | 31325e4e4a113f0e08f55dbde882d1ebdb896efcc902d9e835144756db95df42 | Triage

Sharing

General

Target

31325e4e4a113f0e08f55dbde882d1ebdb896efcc902d9e835144756db95df42
Size

15.4MB
MD5

1bbef93d43a341d1d1170e4aa47c39ca
SHA1

cb83ec19fbe973faa4c25da2744f26dc575384d6
SHA256

31325e4e4a113f0e08f55dbde882d1ebdb896efcc902d9e835144756db95df42
SHA512

15e8ee3f9a92ad65993dd69a1721ec5867d83166e355b1903dc272d9f1e36ddb66c6ad665733c8aea81b356433acfaf806a1afd0786337c73b660203641fe526
SSDEEP

393216:Fn0DTuQHS4y0WyNUHKoc8tQsvcsM+o4YkSbOTByWR:KDTf7yx9Hpc8astK7OIU

Score

10^/10

blackguard

Malware Config

Signatures

Blackguard family
blackguard

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
31325e4e4a113f0e08f55dbde882d1ebdb896efcc902d9e835144756db95df42

Files

31325e4e4a113f0e08f55dbde882d1ebdb896efcc902d9e835144756db95df42
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15.1MB - Virtual size: 15.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ