General

  • Target

    https://github.com/Zenwki/The-Big-Malware-Repo

  • Sample

    240523-ke339sah3v

Score
10/10

Malware Config

Extracted

Family

blackguard

C2

http://45.67.230.199/x64/SQLite.Interop.dll

http://45.67.230.199/x86/SQLite.Interop.dll

http://45.67.230.199/

The /x64/ and /x86/ paths serve architecture-specific copies of SQLite.Interop.dll, the native library that .NET code needs in order to open SQLite databases such as browser credential and cookie stores; the stealer presumably fetches whichever copy matches its host process, which is the download the "Downloads MZ/PE file" signature below keys on. All three entries share one bare IP with no hostname, so block or hunt on the host rather than on the individual paths.

Targets

    • Target

      https://github.com/Zenwki/The-Big-Malware-Repo

    Score
    10/10
    • BlackGuard

      Infostealer first seen in late 2021.

    • Downloads MZ/PE file

    • Legitimate hosting services abused for malware hosting/C2
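Added example, not part of this sandbox report: a small Python hunt that applies the indicators extracted above to constructed, Zeek-style http.log lines, plus a PE header check of the kind the "Downloads MZ/PE file" signature relies on. Only the IP address and the three URLs come from the report; the log lines, source addresses, the updates.example.net host and the 68-byte PE stub are constructed for illustration.

```python
"""Hunt for this report's BlackGuard indicators in HTTP proxy logs.

Added example, not part of the sandbox report. Only the IP address and
URLs come from the extracted config; every log line below is constructed.
"""
import re
from dataclasses import dataclass

# Indicators from the report's extracted config.
C2_HOST = "45.67.230.199"
C2_URLS = {
    "http://45.67.230.199/x64/SQLite.Interop.dll",
    "http://45.67.230.199/x86/SQLite.Interop.dll",
    "http://45.67.230.199/",
}

# Behavioural rule: an architecture-specific SQLite.Interop.dll fetched over
# plain HTTP from any host, in case the operator moves the payload.
INTEROP_PATH = re.compile(r"^/(x64|x86)/SQLite\.Interop\.dll$", re.IGNORECASE)

REASON_C2_URL = "exact match on extracted C2 URL"
REASON_C2_HOST = "contact with known BlackGuard C2 host"
REASON_INTEROP = "SQLite.Interop.dll download from unlisted host"

# Constructed, Zeek-style http.log excerpt (tab-separated):
# ts, id.orig_h, host, method, uri, status_code, resp_mime_types
SAMPLE_LOG = (
    "1716450001.1\t10.0.0.5\t45.67.230.199\tGET\t/x64/SQLite.Interop.dll\t200\tapplication/x-dosexec\n"
    "1716450002.2\t10.0.0.5\t45.67.230.199\tPOST\t/\t200\ttext/html\n"
    "1716450003.3\t10.0.0.7\tupdates.example.net\tGET\t/x86/SQLite.Interop.dll\t200\tapplication/x-dosexec\n"
    "1716450004.4\t10.0.0.9\twww.example.com\tGET\t/index.html\t200\ttext/html\n"
    "1716450005.5\t10.0.0.5\t45.67.230.199\tGET\t/favicon.ico\t404\ttext/html\n"
)


@dataclass
class Hit:
    ts: str
    src: str
    url: str
    reason: str


def hunt(log_text: str) -> list[Hit]:
    """Return one Hit per log line that matches an indicator or the path rule."""
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        ts, src, host, _method, uri, _status, _mime = line.split("\t")
        url = f"http://{host}{uri}"
        if url in C2_URLS:
            hits.append(Hit(ts, src, url, REASON_C2_URL))
        elif host == C2_HOST:
            hits.append(Hit(ts, src, url, REASON_C2_HOST))
        elif INTEROP_PATH.match(uri):
            hits.append(Hit(ts, src, url, REASON_INTEROP))
    return hits


def is_pe(blob: bytes) -> bool:
    """True if blob has a DOS 'MZ' stub whose e_lfanew field points at a
    'PE\\0\\0' signature, i.e. what "Downloads MZ/PE file" keys on."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(blob[0x3C:0x40], "little")
    return blob[e_lfanew:e_lfanew + 4] == b"PE\0\0"


# Constructed 68-byte stub: MZ header, e_lfanew = 0x40, PE signature at 0x40.
MINIMAL_PE = b"MZ" + b"\0" * 0x3A + (0x40).to_bytes(4, "little") + b"PE\0\0"


if __name__ == "__main__":
    for h in hunt(SAMPLE_LOG):
        print(f"{h.ts} {h.src} -> {h.url}: {h.reason}")
    print("MINIMAL_PE is PE:", is_pe(MINIMAL_PE))
```

The exact-URL and host rules are plain IOC matching and will go stale as soon as the operator rotates infrastructure; the path rule is the one worth keeping, since a workstation pulling SQLite.Interop.dll over cleartext HTTP from a random host is unusual regardless of which IP serves it. Pair it with the MZ/PE check on the response body where your proxy retains it.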

MITRE ATT&CK Enterprise v15

Tasks