3be37af297b190efb8db29422fb9f74e329db481d55065731a669834daa8a449

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Trojan-PSW.MSIL.BlackGuard.c.4.3630.exe
Size

6.5MB
Sample

240521-sp6k5sab43
MD5

2b82b5601d49184917fb44181c63f594
SHA1

0a52dd49e721a5fe8c86a034c94a6348f1de952a
SHA256

3be37af297b190efb8db29422fb9f74e329db481d55065731a669834daa8a449
SHA512

24818cc1af978c7bb967a39210b544e565a7be5aaa7350793317a850ce4ed212828ae8a8c2482e1edf782d6d571e2f4117ceff93a93c9c12262832f9231ebbf8
SSDEEP

196608:k3Q9SA7QYtLXMnB4lT2MqJctbVNtCxZeSUgj:k3Q9SA8wO4lTYJc9VNtn2j

Score

7^/10

execution

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Trojan-PSW.MSIL.BlackGuard.c.4.3630.exe
- Size
  
  6.5MB
- MD5
  
  2b82b5601d49184917fb44181c63f594
- SHA1
  
  0a52dd49e721a5fe8c86a034c94a6348f1de952a
- SHA256
  
  3be37af297b190efb8db29422fb9f74e329db481d55065731a669834daa8a449
- SHA512
  
  24818cc1af978c7bb967a39210b544e565a7be5aaa7350793317a850ce4ed212828ae8a8c2482e1edf782d6d571e2f4117ceff93a93c9c12262832f9231ebbf8
- SSDEEP
  
  196608:k3Q9SA7QYtLXMnB4lT2MqJctbVNtCxZeSUgj:k3Q9SA8wO4lTYJc9VNtn2j
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  chrome/content/bc_context_menu.js
- Size
  
  6KB
- MD5
  
  59f7b06b22d17969c7fc659234a876ea
- SHA1
  
  097ba6ac008493c42d5d14c7a47c5b5cc368b9de
- SHA256
  
  97f763a0c6ff58b9161685aad545f37412bfa318ea80c60d2ba007d50f16c397
- SHA512
  
  434d0665b016d5e5e352217637591bd14294a892b4bc5989f39d8874ad3b2a07666f6f58cb0b8d87bc0749ba1be20839d301dfc43f19b25363ca651ec56d9582
- SSDEEP
  
  96:kFIUM6HDiqQ2xBROeKx3UcqtpgzH/EV5XQa4XQgk44Hsjg5jbH:UiZ2xB4ewkcgpgzH/EV5XQa4XQgKtbH
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  chrome/content/bc_media_capture.js
- Size
  
  17KB
- MD5
  
  79ba4fde7a772f0e9c50866daa8dc111
- SHA1
  
  eb8d534e6dce6477c12b567d812184bc496dbb87
- SHA256
  
  118a35dd013e2508f31adb855beb773cbbaf9a7c3da426fe6df474fe05be5dbf
- SHA512
  
  d6963c7822ae17185367a08177dd57d296ea469ab91c4a8aef40433c587cdee323fce8d88d4a716209ae8b8e80a23d6d2eadc8e2d72ccb055169d0482e33089b
- SSDEEP
  
  384:mWTGseoyD4Z2gK42/VqiBfbTZd6VK8YH84zjgWLqjYvUr9rl8EyF:mWTSoyDM2gK42/VqiBH6VDYc8LqxrA
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  chrome/content/unknownContentTypeSaveAs.js
- Size
  
  6KB
- MD5
  
  58be9e74a29c682445d328669e5e567d
- SHA1
  
  ffe474b2d0c17d77d4abbb39c11c5b8811678f79
- SHA256
  
  d0c3ff29117d6824f6aac06be059499cadabc598147a27789de98b3a04c58d57
- SHA512
  
  44ccc754432ed1d1d32c9eb6438880d7132b8809ffb2226a01482b7633b5d49ddc51208221cf9c79bc45abea29f3659df903e78c608633bdf501ca482057f4ad
- SSDEEP
  
  96:83wlzXFzTPLMTXucyaylzJ58toB4IW9YxlkIdX3Q:74+RN0SKoDX3Q
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  components/IBitCometExtension.dll
- Size
  
  1012KB
- MD5
  
  08718f3054c668a3da2f124f49e35026
- SHA1
  
  982159038a7628c4c372ac08b76edf64646f550e
- SHA256
  
  3cea824a822bb41e1b7fee01825324014ba0747d79e8800fb549957b9cbf0203
- SHA512
  
  5f0c190f5adf659d8067d5618744a98a892f6be9fa5024cde82e35edf33a09f3bc983c80f3f8ffa112c391503197d824c6fc21249e8625d2332f86ec93d8d062
- SSDEEP
  
  12288:mcNbGh/pN7wesyvh/PwizR5nn5aHamj37uyt+7pDxaB:mcVGh/pN7weNlPweReHamL7uN
Score

1^/10
behavioral10 behavioral9
- Target
  
  defaults/preferences/bc_context_menu.js
- Size
  
  154B
- MD5
  
  1956a40c357bb8183229d424f59e0a08
- SHA1
  
  a7e2ff03e718e3f85bcd4a15bd0558ef034ab91a
- SHA256
  
  5038ed90c9a2e9a6bf241130e6af4bdbfe812357f485c2859a52b8e34f64d71a
- SHA512
  
  bba075fb2ad79d5a80bc75bb78d97979223fa8088fe10f84b79c2dd70735ca8a84836616276d299e9b4ad4f791ac2a6b60fdc0c88c7088e5ca712cd5e51dca5a
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/BcNsisHelper.dll
- Size
  
  760KB
- MD5
  
  e0046b158c4a1c1a6970a64c5e4d9ea4
- SHA1
  
  3ce0e866dcbcf30d4e787423c4235f09a6463a24
- SHA256
  
  8cce6e8ece1881744e4474f03c2764f8058bb2718f20b3dfad8fb6cbd668f12d
- SHA512
  
  716f63be8f238574d47ca0a91a78d8c5708537c90be1fce385c8fb754fd6fe33e91fe0ac7b0ef72fd3b7c6b11d310b3ac642a0351b4392f363c47e6b3ec6eff3
- SSDEEP
  
  12288:5q3UoTuNKNPwEkXOhkRca7VFWwrX4CmbgfQmv/Jfh/hqhjhjhghMQM:hYPwX1Kq3T4CmSQyQz
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/BitComet_stats.exe
- Size
  
  81KB
- MD5
  
  edb96675541d0275c42096b64d794d3b
- SHA1
  
  d722c55ec62da1866a6ef81072970117b85cf290
- SHA256
  
  842df63767cacb7aedb75fb352c1505d518662e2e9dca5a297515ebdae093918
- SHA512
  
  5c7c2e848c68f6168035dbfb834d31586d0ca1abb16f220c617f9e36a87b6d4ff0a1aef03a73d5313d8962c9befb1bdf3ed2a700ee3668df948ec067e2b1d124
- SSDEEP
  
  1536:tCRIsR6gNFbzfv9i6Ix3RWCS35BrxOhG4ZcvblF:/sR9NFbzABxgCSkhG4ZcP
Score

1^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/CometBird_Downloader_win32.exe
- Size
  
  748KB
- MD5
  
  81d94a28813a4a63000becf12408b509
- SHA1
  
  63eb8babab4104c7839a097acd3573d70967c427
- SHA256
  
  1cf0b043db7cf0a9d8149578a6972e4ebdc379e6af2913149db4cbebffdfb101
- SHA512
  
  1305ed5bdd9956348b7888e4e24551e411e391869a38b67865a8d33f3d4a5b84914b50efc4083e62bee91407782a162553b51ef9d9ab7640d62a070c0c33bf1d
- SSDEEP
  
  12288:sNlVeeIzCmGFA7lFRHgzZnLVZviVweXtYOdb6zeL:I38LLmZnLVZviVwVds
Score

1^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/GoogleToolbarInstaller_download_signed.exe
- Size
  
  202KB
- MD5
  
  27060ffc99e86aeb1ef52ff876290cd0
- SHA1
  
  bb084638c67dfea7c6872cf7bc0d8d25c68e40b5
- SHA256
  
  dbb3edd757ed9e3c6d8657035492c4c287e62350b4759d16d1ba780c2afd1449
- SHA512
  
  c3ebc46ecd0ce4de084909e401869c83a3954f29f3ee295cd2626755977af0cf9e54e222d616be5459967685e54b8bc2edeb981fdb792a960aefe1bed9c443c9
- SSDEEP
  
  6144:+SbRStfWaLHwStB18TDfn0HZueWIY4AfOp:JNfaLH1t2Df6Z1WIYz2p
Score

1^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  786110d3394edf4bb5c14e3e9a49f9e6
- SHA1
  
  4adf64a5999a1a41870fedefba22f67840f36f3a
- SHA256
  
  3ccb4385cd22b5c69bc2583e181da4085477906c193f04eb5a400801e00dbcd5
- SHA512
  
  e85e49b492a04188c46c90fef6ba5b177f85c670848f902748ec1540839ffb2f5d88563c14026328dd2100a48979ff8e67e7af1eee70fea0eb477c78db4d9524
- SSDEEP
  
  192:JsIZHdT9uwYX94kYd2iCzHR+yK7imphLAykycpKPd5mn8ozxGUWumle:JsUHd9GN2d2iwl0impATIPdAn8Ov6
Score

3^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/InstallOptionsEx.dll
- Size
  
  128KB
- MD5
  
  129b0668093a10e2a704a846c74a2ae8
- SHA1
  
  d16c6e7d449b9b81b9f67e29f5b08a47a1534072
- SHA256
  
  3a2593bcf62fc1d085bd2eafdbf762eb82b3b8a0619ba470eefe4df622ae783c
- SHA512
  
  b96e911f503176d074b6ee7d9ca6735b2fd3474b1e34867addbdb7717300aaf7cbdeabe3c536df652327dd3063009d44fa33861bb7fcc4208d368e5b32357dfb
- SSDEEP
  
  1536:MhdCp8I6g5rD48du2H1qqja40oal19wgBOxnu3TbNbFgb9j+WIwv4Q9QZatxt0tF:gdxg5QC0/lw8tub9Tv44Iat3wok
Score

3^/10
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  bb3707e7614a444b799d3842bf34b31b
- SHA1
  
  e4b75748e417b8a7be3a199150f4338f9d883cca
- SHA256
  
  098a384cb4c14b9639db4f4f113426d2a91d170a2affca3e6ecbe57b18d86c38
- SHA512
  
  728e7d2a7a555228f24f04829099e5f266f8e3b2f91bc44181c0d08425de158d4c1d61a25c1914bdf0ade43377462169a23b311f7cd110a1e4a07bc781ff25e4
- SSDEEP
  
  48:a6T4WeApYxYlxamAWHN+EuWkGWBBWAGr9SdLB8m0bofYZVSA:MWGSxamjHNDuWRWBBWvm0TV
Score

3^/10
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  301a9c8739ed3ed955a1bdc472d26f32
- SHA1
  
  a830ab9ae6e8d046b7ab2611bea7a0a681f29a43
- SHA256
  
  6ec9fde89f067b1807325b05089c3ae4822ce7640d78e6f32dbe52f582de1d92
- SHA512
  
  41d88489ecb5ec64191493a1ed2ed7095678955d9fa72cccea2ae76dd794e62e7b5bd3aa2c313fb4bdf41c2f89f29e4cafe43d564ecad80fce1bf0a240b1e094
- SSDEEP
  
  192:hCPej3uzvJwqJMQKN4GbeWZksMI4ETWcEbcBZ8ep2Kra7yAG:hCQ2HgN4GbeWmbI4Eybogia7yA
Score

3^/10
behavioral27 behavioral28
- Target
  
  chrome/content/bc_context_menu.js
- Size
  
  6KB
- MD5
  
  59f7b06b22d17969c7fc659234a876ea
- SHA1
  
  097ba6ac008493c42d5d14c7a47c5b5cc368b9de
- SHA256
  
  97f763a0c6ff58b9161685aad545f37412bfa318ea80c60d2ba007d50f16c397
- SHA512
  
  434d0665b016d5e5e352217637591bd14294a892b4bc5989f39d8874ad3b2a07666f6f58cb0b8d87bc0749ba1be20839d301dfc43f19b25363ca651ec56d9582
- SSDEEP
  
  96:kFIUM6HDiqQ2xBROeKx3UcqtpgzH/EV5XQa4XQgk44Hsjg5jbH:UiZ2xB4ewkcgpgzH/EV5XQa4XQgKtbH
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  chrome/content/bc_media_capture.js
- Size
  
  17KB
- MD5
  
  79ba4fde7a772f0e9c50866daa8dc111
- SHA1
  
  eb8d534e6dce6477c12b567d812184bc496dbb87
- SHA256
  
  118a35dd013e2508f31adb855beb773cbbaf9a7c3da426fe6df474fe05be5dbf
- SHA512
  
  d6963c7822ae17185367a08177dd57d296ea469ab91c4a8aef40433c587cdee323fce8d88d4a716209ae8b8e80a23d6d2eadc8e2d72ccb055169d0482e33089b
- SSDEEP
  
  384:mWTGseoyD4Z2gK42/VqiBfbTZd6VK8YH84zjgWLqjYvUr9rl8EyF:mWTSoyDM2gK42/VqiBH6VDYc8LqxrA
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32