blackguard | cc4b161f7c063fcb3c13d1e4baa499072cbdaa34ec571bb57d0639caed4f8208 | Triage

Sharing

General

Target

Loader.exe
Size

273KB
Sample

240618-sfzfgayela
MD5

562f5962e62e7cffbd5b1994fee7eb61
SHA1

993c90b0fb19a743b90ffd70b01076d8c2a1cada
SHA256

cc4b161f7c063fcb3c13d1e4baa499072cbdaa34ec571bb57d0639caed4f8208
SHA512

3f855a84560accc8c4834b6e0b918ff8f40b2bc96ebef0eec08609664dceae00085fe6f878cecef82be3b0122ffd825984dc9a4fac8ece8f52216b9bb9030209
SSDEEP

6144:4f+BLCABPC+55PUgxHGozsuuI7xJbM3AMr/iyIme0wic:x5hhzsuh7zsXEmeIc

Score

10^/10

blackguard persistence stealer

Malware Config

Targets

- Target
  
  Loader.exe
- Size
  
  273KB
- MD5
  
  562f5962e62e7cffbd5b1994fee7eb61
- SHA1
  
  993c90b0fb19a743b90ffd70b01076d8c2a1cada
- SHA256
  
  cc4b161f7c063fcb3c13d1e4baa499072cbdaa34ec571bb57d0639caed4f8208
- SHA512
  
  3f855a84560accc8c4834b6e0b918ff8f40b2bc96ebef0eec08609664dceae00085fe6f878cecef82be3b0122ffd825984dc9a4fac8ece8f52216b9bb9030209
- SSDEEP
  
  6144:4f+BLCABPC+55PUgxHGozsuuI7xJbM3AMr/iyIme0wic:x5hhzsuh7zsXEmeIc
Score

10^/10

blackguard persistence stealer
- BlackGuard
  Infostealer first seen in Late 2021.
  stealer blackguard
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

blackguardpersistencestealer