blackguard | 23a66b32dfa75a94036870a1dce0bfabe6b52331eb2bed02e6953b9fead97298

Sharing

Copy URL

Twitter E-mail

General

Target

23a66b32dfa75a94036870a1dce0bfabe6b52331eb2bed02e6953b9fead97298
Size

68.5MB
Sample

240523-pdfzkage3v
MD5

0562dbe0c247c939fa39caf3b13a3e16
SHA1

e54078a1eea1b359089749dca32a56f33aa21a2e
SHA256

23a66b32dfa75a94036870a1dce0bfabe6b52331eb2bed02e6953b9fead97298
SHA512

68325b00062f9a57d37c1e71c10a9de40e6c32d571502cdec941a52748f9743cd0ede95bbfb447ec0e2f9725c40d7028070ffdbb7417be4cb9cefc394af282e1
SSDEEP

1572864:FE8rnomm29tWOt/JV1yNdSTSCfrK57dVaeXAaW7Dzlt0n:CKommoWOt/lyNdSTlrKJ3DwaunTc

Score

10^/10

blackguard upx

Malware Config

Targets

- Target
  
  23a66b32dfa75a94036870a1dce0bfabe6b52331eb2bed02e6953b9fead97298
- Size
  
  68.5MB
- MD5
  
  0562dbe0c247c939fa39caf3b13a3e16
- SHA1
  
  e54078a1eea1b359089749dca32a56f33aa21a2e
- SHA256
  
  23a66b32dfa75a94036870a1dce0bfabe6b52331eb2bed02e6953b9fead97298
- SHA512
  
  68325b00062f9a57d37c1e71c10a9de40e6c32d571502cdec941a52748f9743cd0ede95bbfb447ec0e2f9725c40d7028070ffdbb7417be4cb9cefc394af282e1
- SSDEEP
  
  1572864:FE8rnomm29tWOt/JV1yNdSTSCfrK57dVaeXAaW7Dzlt0n:CKommoWOt/lyNdSTlrKJ3DwaunTc
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  13KB
- MD5
  
  9e7d36edcc188e166dee9552017ac94f
- SHA1
  
  0378843fe1e7fb2ad97b8432fbdcb44faa6fc48a
- SHA256
  
  d52a83c2a8551cebf48ff7a8d5930be1873bce990f855ccab4d7479cfeb22e3d
- SHA512
  
  92c31355cd124ba28c0ff9aa8fa34d5db9db0b093edb8978bc3cf94e1f72d526603d5d5c1e221dcb2ac6648bc420f4df9847c2b1e71046384d827814a77d1783
- SSDEEP
  
  192:y26NwF1FF8GqdxASZlSOnNGGPCqLXUdadWo2FfTCWWqDsYjGI5hBslft8gWNPjQo:I+8vwSZlgaJ3/4/4Q/bN
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/SysRestore.dll
- Size
  
  5KB
- MD5
  
  da046184a8d7269a0e138b0b0b9b2eb5
- SHA1
  
  d9bc5ea397857e17a86f80df1e50615eb6859044
- SHA256
  
  c5e335bd19fa798f120287fe3ed920296f899223942fd6b987585a765f0adec2
- SHA512
  
  9ee6965ac931839a5d61b4ed64bb3bbf434dfd10ff086c38a998ec6714018b5491da7e5c29e4f7dd7fd4a93b2f285869b20f88b4b0194c9ba7824ff7c9f03c80
- SSDEEP
  
  48:S5SjUZmikqTB1By5B6UBQzcszn3x3YlE41tq9/Iye:ASOz5ns4UeI2B3Z41tqlc
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  fccff8cb7a1067e23fd2e2b63971a8e1
- SHA1
  
  30e2a9e137c1223a78a0f7b0bf96a1c361976d91
- SHA256
  
  6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
- SHA512
  
  f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
- SSDEEP
  
  192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1c8b2b40c642e8b5a5b3ff102796fb37
- SHA1
  
  3245f55afac50f775eb53fd6d14abb7fe523393d
- SHA256
  
  8780095aa2f49725388cddf00d79a74e85c9c4863b366f55c39c606a5fb8440c
- SHA512
  
  4ff2dc83f640933162ec8818bb1bf3b3be1183264750946a3d949d2e7068ee606277b6c840193ef2b4663952387f07f6ab12c84c4a11cae9a8de7bd4e7971c57
- SSDEEP
  
  96:o2DlD3cd51V1zL7xqEscxM2DjDf3GEst+Nt+jvcx4T8qndYv0PLE:o2p34z/x3sREskpx4dO0PLE
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  09c2e27c626d6f33018b8a34d3d98cb6
- SHA1
  
  8d6bf50218c8f201f06ecf98ca73b74752a2e453
- SHA256
  
  114c6941a8b489416c84563e94fd266ea5cad2b518db45cd977f1f9761e00cb1
- SHA512
  
  883454bef7b6de86d53af790755ae624f756b48b23970f865558ba03a5aecfa8d15f14700e92b3c51546e738c93e53dc50b8a45f79ef3f00aa84382853440954
- SSDEEP
  
  96:pBNUBGfVwhcAlhPRJAixx+3eDEsgcBbcB/NFyVOHd0+uisX4:qBGfV5AlJJfFgcBbcB/N8Ved0P
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsRandom.dll
- Size
  
  21KB
- MD5
  
  ab467b8dfaa660a0f0e5b26e28af5735
- SHA1
  
  596abd2c31eaff3479edf2069db1c155b59ce74d
- SHA256
  
  db267d9920395b4badc48de04df99dfd21d579480d103cae0f48e6578197ff73
- SHA512
  
  7d002dc203997b8a4d8ec20c92cd82848e29d746414f4a61265c76d4afb12c05bce826fc63f4d2bd3d527f38506c391855767d864c37584df11b5db9ca008301
- SSDEEP
  
  384:LCHDPMs4GdtyO5roguusMxUXiO3wOw95euooP2UgKbd9BvNtf:LCHD6Gh87MKXil/5r2U3z
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  API.dll
- Size
  
  110KB
- MD5
  
  c386e41af1abc8704e4fbbb8efb2aa1d
- SHA1
  
  60dbd7f72bf711f6b23fcb0928b999ec5b17bbea
- SHA256
  
  d11c8f7aec9c6208f7cf52a6592ec431d20c58656c93034342000dbfa558e73e
- SHA512
  
  6340aab729c43fa710f4d080fc0c58ccc18bd765e59507334bffe16de504a15fec7f637b53051128a25e6eb3937db0f51154945523fb5d9a856345c0de809d3d
- SSDEEP
  
  1536:RN7Fn+20xWr6k5TGGllcAUzIc5qRV38aZ+nqqtQQuO5AP0VDbGjjHH:Rjn+SxjHBUziRV3/EnyQu/P0Vujn
Score

1^/10
behavioral15 behavioral16
- Target
  
  Accessibility.dll
- Size
  
  20KB
- MD5
  
  fe700f5c9b5e587d7a16d01f9432ff88
- SHA1
  
  cac556ea54b1e7491ac67e68ba903c6df02c5874
- SHA256
  
  3385ebc06a29fd5a87b9113571bc7181149dd7a83d48126414f7829da9b0f9a4
- SHA512
  
  79140d201e71c73b819e6d231ee06cceb256f1a2c3b05d4a9e5a9d556a9e34e7445e7f8f8bed805450015078b8d5ce55a5f2b62600694f3729259bbe8015e591
- SSDEEP
  
  384:kBmy0h6gSGRbOcHiUW2g/W5iAA5kHRN7wWmRVwR9zsvOI97:5SsOcHqAisv9zkR
Score

1^/10
behavioral17 behavioral18
- Target
  
  AntivirusLibrary.dll
- Size
  
  139KB
- MD5
  
  3bdfb6f4637c2d16731118db1193af07
- SHA1
  
  693f86ac7c27a4fe7060e55112108fe26a34d877
- SHA256
  
  163ab14bbf0af7f4a636ff6924ea7eafa7adfa6b292ceedd6de0de928fc9d171
- SHA512
  
  25388dc0fd92e147f12e3b46cebe3d25e1f85c0cab660c38a09a7f5d4b150a86a04776a2f689a16cce9fe5990add9f4b6c564017ce07a09c7f330bb1346f5a28
- SSDEEP
  
  3072:5m9YrK3VjJFpxGAu6VPirO1dEs5T7DuXc2VhAV9jb:+YW1NxGY91dEKec2oVx
Score

1^/10
behavioral19 behavioral20
- Target
  
  Brand.dll
- Size
  
  25KB
- MD5
  
  d18f2b7b1bdbf91cb1baec1ce3223fa0
- SHA1
  
  e72933e26585e6b30c55f6ebab5e4c6ba713f2ee
- SHA256
  
  68d5a560763a9d4d06936c44b233b74765cf4cbca511d0c003c25520e498401b
- SHA512
  
  9c622156e267462027b6fdea6fc6d8b7100979386d881677ae27b15815447be17078c8134f652cf983a8d6a56560779d65cfe6d1528bddd258e25e6fe3ad99a2
- SSDEEP
  
  384:xGQpETzAk/XZ3Zorq+wsOmQMYYCsYGhq6ki2PaR7lwiGgV7aeHDH/n/RJGBkSZzg:MQ8PZmKsYyF2CDbGyOeHDHf/ckV
Score

1^/10
behavioral21 behavioral22
- Target
  
  CacApp.dll
- Size
  
  18KB
- MD5
  
  5135f7e2c194bb932aff6dfe798461f8
- SHA1
  
  af9100910eb24b99cb6b300c6bf0b192c25dbc3b
- SHA256
  
  3277d3c68faa97b7e056007bca270f85091ad2242ac5b49c4588d33c2fe8114a
- SHA512
  
  479724ed7cd3eeab77ff6573aee722b228bc1a52cf66ca928bb11374f036adc6d8efc697e8ffe5c1887cb675eda76bd02b5c318b76202389899091de6cfcf0a0
- SSDEEP
  
  384:Epvn1fyCUyhq6ki2PaR7lwiGqRzIVHDH/n/RJGBkSMm:Uvn17UGF2CDbGUIVHDHf/cktm
Score

1^/10
behavioral23 behavioral24
- Target
  
  CacApp.exe
- Size
  
  242KB
- MD5
  
  d69a27b2a4cfaa08a26fb1323a78c5b1
- SHA1
  
  d589ef2dfe447ac96b3731801a793659bcf8c737
- SHA256
  
  f4d1020318e7ee6b4bed7aef290e562b9ea12f9bb91d826b2c98f569b0f09ceb
- SHA512
  
  a9da9be5df41ef9120d23f8cb7932a20d72da6f01435db98c36f3efaf1937e172dad4d0351c2a09439a165681780818cddc187e396c6aff1bebe49808d36c919
- SSDEEP
  
  6144:B5lv0STyMoJ/vUkXVXXCXXzXXXAXXXUXXXPXXHXXXHXXX3XXXXXXXTXXXIXXXXnX:BAb/IY
Score

1^/10
behavioral25 behavioral26
- Target
  
  D3DCompiler_47_cor3.dll
- Size
  
  3.9MB
- MD5
  
  d935c9f57aa56b90ae4da0a0bb280e0f
- SHA1
  
  d6364fb5e50ac93e37db5f49b85d28823ed89191
- SHA256
  
  f8c35b65524c60aa1765b13dc96a92a16d5570827b7fe6ccabfa9859d2a6ad60
- SHA512
  
  1bd535ecfe5611c2b43a9556efb41f0bff1ed64e480b069c30ab2fcf30c1a364542703fada877d91e626fd36e37b2fc4d8c053a2fca78a94d0b21ea66ea8b4c8
- SSDEEP
  
  49152:LS7iQ+besnXqRtHKzhwSsz6Ku1FVVOsLQuouM0MeADf6FqxLfeIgSNwLTzHiU2Iz:L4ihqqFVUsLQV6FqVCLTzHxJIPO
Score

3^/10
behavioral27
- Target
  
  DirectWriteForwarder.dll
- Size
  
  498KB
- MD5
  
  a4fbb20df26708545a2d5457c9390c6f
- SHA1
  
  255daed711ef0811dd29f1f54cebd0a03dcc8b5f
- SHA256
  
  6d14d8aa8dc7539ef0ad275a436e37cb0b67f6b2406638fece93eee419bcfdc1
- SHA512
  
  3de61d39ac4dc1e048d9fe6dcc553139541043d37dbd44c0b2073ac59a919e6e11fa535ae1f4d51692a36ed99d7f5af028ddcdd01e9782db037268bdd2f7a791
- SSDEEP
  
  6144:HtsL4Mi515WAQKe+xg3S0p67Vc646hSpvEoxIVfRvbaQj0gkjaCIBl+ygpZ+hElr:HtsL0NCf3BUjauoZFw9JTumHgoq2
Score

1^/10
behavioral28 behavioral29
- Target
  
  DotNetZip.dll
- Size
  
  247KB
- MD5
  
  319226c18dbc02d2ac4c0dd9dc116d53
- SHA1
  
  4ef827ec4c51cf2845e3a50fc23700177a4930f8
- SHA256
  
  eb9b84a3df6ae51759544ba04224a4f91454b8a81d54b37c846a4216bc72c15e
- SHA512
  
  dcb2b6e9e1f820472e96cd3e649cc696948d02545c141c483234aab98706c0d19051fcafafc14a928b6b2937125c61db3c49cdc45181e809d73df73f7db3cfbc
- SSDEEP
  
  6144:L5V1a8gCaIAaLPaiUoQhdTC015tRuAKObQ:rsmaIrPaikhvftA9OE
Score

1^/10
behavioral30 behavioral31
- Target
  
  EndpointProtectionClient.Net.dll
- Size
  
  85KB
- MD5
  
  5060a0203b9d8520d13d06a910c604a6
- SHA1
  
  0030cc497fa6c1a38ada39c56c3bda4690b4ac86
- SHA256
  
  62d753fcf16bb4bf88e76ebba4a2b5674321ef43ef517adf01c8b25f4baf4469
- SHA512
  
  ab2a66489f201b03e99209d24835f84523591b08c0d67da7dac106d1a7ef412ef78070b64803e1ebc189bf726777987a8992bf7e23ee6355a0d0564c037c2326
- SSDEEP
  
  1536:o5CmISoiajwbxVTVu20qZrw8txDGFGUYElQcTAOQ7PBHTiyDNXquGcAs8nXz+NCW:o5CmISoiajwbxVTVu20qZrw8txDUGUY/
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32