blackguard | Loader[.]exe | Triage

Sharing

General

Target

Loader.exe
Size

273KB
MD5

20c1572e3522b3387e05074d4f5e19fc
SHA1

b8bd0221456b3d933d3cdf225408e77bb0a62374
SHA256

abc9f44b74bbd427025796c98425c5f10fe5d6272143601d59b0c0187c291900
SHA512

a3b34ea5012e9cb6f1591484381619980b58ac74214eb700689433d5f69161d34e7f27388bf2cd7e59b7066e186486ecc59dc8223e5397daaba677b8d06d601f
SSDEEP

6144:ef+BLtABPDM5pPTgxWGomsXSbklxLfdEzyIme0wa6:h57hmsXSkHdmme06

Score

10^/10

blackguard

Malware Config

Signatures

Blackguard family
blackguard

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Loader.exe

Files

Loader.exe
.exe windows:4 windows x64 arch:x64

Password: TESTTEST

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Mycc\Desktop\44CALIBER-MODIFED-main\44CALIBER\obj\Release\Loader.pdb

Sections

.text
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ