blackguard | 45446f6e7551da01e6b6eca54c82f5584b34fa5b71517e2f3977939dfb0e876b

Sharing

Copy URL

Twitter E-mail

General

Target

45446f6e7551da01e6b6eca54c82f5584b34fa5b71517e2f3977939dfb0e876b
Size

72.1MB
Sample

240712-cj16gathnn
MD5

596d83d9360e43ebce886e6375497468
SHA1

6e280c2291bd1223c31154c91b4e919019dc7a24
SHA256

45446f6e7551da01e6b6eca54c82f5584b34fa5b71517e2f3977939dfb0e876b
SHA512

2f5897482f4e581403813894c151f11bbf7b622e5f5b5f6b724139dbda31e125183e0e49eb76c350596ec89498a123c7b70531e228f5955af35084956f925758
SSDEEP

1572864:VDaAF/pt7zg0X7whOvlU6WLC3x9etForC6nW7balgKwYJa:VD/3ucdU6WWhAi7W7GiCJa

Score

10^/10

blackguard upx

Malware Config

Targets

- Target
  
  45446f6e7551da01e6b6eca54c82f5584b34fa5b71517e2f3977939dfb0e876b
- Size
  
  72.1MB
- MD5
  
  596d83d9360e43ebce886e6375497468
- SHA1
  
  6e280c2291bd1223c31154c91b4e919019dc7a24
- SHA256
  
  45446f6e7551da01e6b6eca54c82f5584b34fa5b71517e2f3977939dfb0e876b
- SHA512
  
  2f5897482f4e581403813894c151f11bbf7b622e5f5b5f6b724139dbda31e125183e0e49eb76c350596ec89498a123c7b70531e228f5955af35084956f925758
- SSDEEP
  
  1572864:VDaAF/pt7zg0X7whOvlU6WLC3x9etForC6nW7balgKwYJa:VD/3ucdU6WWhAi7W7GiCJa
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  13KB
- MD5
  
  9e7d36edcc188e166dee9552017ac94f
- SHA1
  
  0378843fe1e7fb2ad97b8432fbdcb44faa6fc48a
- SHA256
  
  d52a83c2a8551cebf48ff7a8d5930be1873bce990f855ccab4d7479cfeb22e3d
- SHA512
  
  92c31355cd124ba28c0ff9aa8fa34d5db9db0b093edb8978bc3cf94e1f72d526603d5d5c1e221dcb2ac6648bc420f4df9847c2b1e71046384d827814a77d1783
- SSDEEP
  
  192:y26NwF1FF8GqdxASZlSOnNGGPCqLXUdadWo2FfTCWWqDsYjGI5hBslft8gWNPjQo:I+8vwSZlgaJ3/4/4Q/bN
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/SysRestore.dll
- Size
  
  5KB
- MD5
  
  da046184a8d7269a0e138b0b0b9b2eb5
- SHA1
  
  d9bc5ea397857e17a86f80df1e50615eb6859044
- SHA256
  
  c5e335bd19fa798f120287fe3ed920296f899223942fd6b987585a765f0adec2
- SHA512
  
  9ee6965ac931839a5d61b4ed64bb3bbf434dfd10ff086c38a998ec6714018b5491da7e5c29e4f7dd7fd4a93b2f285869b20f88b4b0194c9ba7824ff7c9f03c80
- SSDEEP
  
  48:S5SjUZmikqTB1By5B6UBQzcszn3x3YlE41tq9/Iye:ASOz5ns4UeI2B3Z41tqlc
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  fccff8cb7a1067e23fd2e2b63971a8e1
- SHA1
  
  30e2a9e137c1223a78a0f7b0bf96a1c361976d91
- SHA256
  
  6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
- SHA512
  
  f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
- SSDEEP
  
  192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1c8b2b40c642e8b5a5b3ff102796fb37
- SHA1
  
  3245f55afac50f775eb53fd6d14abb7fe523393d
- SHA256
  
  8780095aa2f49725388cddf00d79a74e85c9c4863b366f55c39c606a5fb8440c
- SHA512
  
  4ff2dc83f640933162ec8818bb1bf3b3be1183264750946a3d949d2e7068ee606277b6c840193ef2b4663952387f07f6ab12c84c4a11cae9a8de7bd4e7971c57
- SSDEEP
  
  96:o2DlD3cd51V1zL7xqEscxM2DjDf3GEst+Nt+jvcx4T8qndYv0PLE:o2p34z/x3sREskpx4dO0PLE
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  09c2e27c626d6f33018b8a34d3d98cb6
- SHA1
  
  8d6bf50218c8f201f06ecf98ca73b74752a2e453
- SHA256
  
  114c6941a8b489416c84563e94fd266ea5cad2b518db45cd977f1f9761e00cb1
- SHA512
  
  883454bef7b6de86d53af790755ae624f756b48b23970f865558ba03a5aecfa8d15f14700e92b3c51546e738c93e53dc50b8a45f79ef3f00aa84382853440954
- SSDEEP
  
  96:pBNUBGfVwhcAlhPRJAixx+3eDEsgcBbcB/NFyVOHd0+uisX4:qBGfV5AlJJfFgcBbcB/N8Ved0P
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsRandom.dll
- Size
  
  21KB
- MD5
  
  ab467b8dfaa660a0f0e5b26e28af5735
- SHA1
  
  596abd2c31eaff3479edf2069db1c155b59ce74d
- SHA256
  
  db267d9920395b4badc48de04df99dfd21d579480d103cae0f48e6578197ff73
- SHA512
  
  7d002dc203997b8a4d8ec20c92cd82848e29d746414f4a61265c76d4afb12c05bce826fc63f4d2bd3d527f38506c391855767d864c37584df11b5db9ca008301
- SSDEEP
  
  384:LCHDPMs4GdtyO5roguusMxUXiO3wOw95euooP2UgKbd9BvNtf:LCHD6Gh87MKXil/5r2U3z
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  API.dll
- Size
  
  100KB
- MD5
  
  3b5848f2366eb1fe639a51aeb21ad72c
- SHA1
  
  b62d61f7450d8697c3d05637ae8403eedcc7f8fe
- SHA256
  
  ee3ebdb60b8aed31b0820e4173398de53363081046d23882550ef1ac70a5589c
- SHA512
  
  498dbe4654cf947309df7f29c7681a5a381fe081f2b9f5f1bc68e2a6549b17000a48179daa20dab4d86afe28a7b0a1318625e8982e9dbd37b22553ba94de81d0
- SSDEEP
  
  1536:HEA4UBZf4wYXNpJ2oz94M2oVZm/mECua+A/gaoxt79m96pwY8LtT2en3f2YOZMWr:H3owCAFE66bwg4nbEEVrj0M
Score

1^/10
behavioral15 behavioral16
- Target
  
  Accessibility.dll
- Size
  
  20KB
- MD5
  
  816e609f5ac38d93203e9a378005bcef
- SHA1
  
  f18f76b1746b1d4e5cb0a9fa39c018a53a9f0a48
- SHA256
  
  294554e31f343f6d37a8a3f5e75eb477f4cad50d68a8e04f001ccaff519d90fe
- SHA512
  
  dc351817d663bd1e35a4680556ddae466e573d459f243dbc130656e0fe1c43aad8b0f62ae2ff82e9e096ac5bd7c2ec6ca66378ea76bcf36dfb372479a3b4bef3
- SSDEEP
  
  384:ABmy0h6gSGRkOcHiIWI/WQWTb2HRN7WSR9zdPa2p4:lS3OcHnBW/iWe9zBrO
Score

1^/10
behavioral17 behavioral18
- Target
  
  AntivirusLibrary.dll
- Size
  
  155KB
- MD5
  
  87b54cd825bd48ff4cac50c5f6b92bbc
- SHA1
  
  f6828f3a887ee18c25c1d99b10d185bfc1f33c8b
- SHA256
  
  0d4819c60f9c491a46f002d9021efeaea973bd0ca38eec7f148a7a2807663dd6
- SHA512
  
  94f3d00b3887eb48dc658ac1c3481d2cad02f606ccd3e268dbe352f47f8a6dcad2c5b634a3bf85bdae797b57624f1a30d3ab86b01313ba92a46d341faac71cbd
- SSDEEP
  
  3072:z8GlnorlsDMvhl2uR/agAAzCj1n+uBP8WZUVwja6:z8GlEuMvTR/HzQP87Vg
Score

1^/10
behavioral19 behavioral20
- Target
  
  Brand.dll
- Size
  
  25KB
- MD5
  
  3cf3cb59d8222138dd776fd9dab02477
- SHA1
  
  6aa3ca66fc441bf2a1eff98c1e7ac5d1e948601d
- SHA256
  
  8d60d88e23d5b00ab05255c33a38aee45d4ec74b53d545651f1c66c810a26575
- SHA512
  
  8b03c8c18cccec93d68ee32742ca9ea78e4eea63c37e4c365d0a5c6e0f96bc23f5134d52cb6e9dd5a44574e72f0c73219105f1ce92b31d38f5d2a403e8751fb7
- SSDEEP
  
  384:tDnE5aWMzWXAGi+wsOmQM8YpUWslhq6ki2PaR7lwiGekkwHDH/n/RJGBkSaZ:tDnfG7xUWsLF2CDbGBkwHDHf/ckB
Score

1^/10
behavioral21 behavioral22
- Target
  
  CacApp.dll
- Size
  
  18KB
- MD5
  
  292919899bde2a08f3a00515086295de
- SHA1
  
  4078ae06019c0c4fd06d4056497af8bc17ce477f
- SHA256
  
  e2ec97208de3bff634639130d1049dab85fa149de258ffb6b952478b809265ba
- SHA512
  
  b2ed7915c7c9bb12b2583e944695bab7a1bf4de24819b82defed2cdd6a650d543b63eb2ed6cc360b42193470380c0ec63aa05553daffdef4fa3829be5be54ff3
- SSDEEP
  
  384:LP6F695pnrhq6ki2PaR7lwiGKrBHDH/n/RJGBkSrK:LZnpn9F2CDbGCBHDHf/ckyK
Score

1^/10
behavioral23 behavioral24
- Target
  
  CacApp.exe
- Size
  
  233KB
- MD5
  
  4e5530e1b8e2124f84fb32b7ee4d12fe
- SHA1
  
  c65f28c6709554976081ff9425dfaee16f55528a
- SHA256
  
  7a8a7517d5ee9bcc417283e34441702daf50eaf79d83040eaf910a388762aefe
- SHA512
  
  50b1910050b8ae8b3b83aac4cdec2a72577688abb780baed75af3db9b7fa44ca05336c28486025bace3c43f21791f54c406f3530a617bbad1608fba454b9a3c5
- SSDEEP
  
  6144:qOXrHJvjYpXz/vUkXVXXCXXzXXXAXXXUXXXPXXHXXXHXXX3XXXXXXXTXXXIXXXXX:tpvj+z/IQ
Score

1^/10
behavioral25 behavioral26
- Target
  
  D3DCompiler_47_cor3.dll
- Size
  
  3.9MB
- MD5
  
  08ac37f455e0640c0250936090fe91b6
- SHA1
  
  7a91992d739448bc89e9f37a6b7efeb736efc43d
- SHA256
  
  2438b520ac961e38c5852779103734be373ee2b6d1e5a7a5d49248b52acc7c4d
- SHA512
  
  35a118f62b21160b0e7a92c7b9305da708c5cbd3491a724da330e3fc147dde2ca494387866c4e835f8e729b89ee0903fd1b479fcc75b9e516df8b86a2f1364c8
- SSDEEP
  
  49152:pS7/Q+besnXqRtHKzhwSsz6Ku1FVVOsLQuouM0MeAD36FqxLfeIgSNwLTzHiU2Ij:p4/hqqFVUsLQl6FqVCLTzHxJI9k
Score

3^/10
behavioral27
- Target
  
  DirectWriteForwarder.dll
- Size
  
  486KB
- MD5
  
  38e9c17bd19793f435310dfbc240412e
- SHA1
  
  ff8c83af1e967be840a7e422b851b505959ba667
- SHA256
  
  6830bdea9c146e9a98df8b7f6032ba6433c5d44256c496f853b8cc813f996ba4
- SHA512
  
  5434715c91453320438c13c88c9c220c37ead423f8e9c50eab5db5eb4284eea9754e502b8f9de279c26f243bc125ab5cd228b93ec7aee2e5751ed3b64970af35
- SSDEEP
  
  6144:/A5W/+t/Ep19hHa+7PoniBtFfTR5CiH25P7TFUC/uHwPNmHqcm2:/VYof9a+DonKF2RTFU6uQQxm2
Score

1^/10
behavioral28 behavioral29
- Target
  
  DotNetZip.dll
- Size
  
  247KB
- MD5
  
  319226c18dbc02d2ac4c0dd9dc116d53
- SHA1
  
  4ef827ec4c51cf2845e3a50fc23700177a4930f8
- SHA256
  
  eb9b84a3df6ae51759544ba04224a4f91454b8a81d54b37c846a4216bc72c15e
- SHA512
  
  dcb2b6e9e1f820472e96cd3e649cc696948d02545c141c483234aab98706c0d19051fcafafc14a928b6b2937125c61db3c49cdc45181e809d73df73f7db3cfbc
- SSDEEP
  
  6144:L5V1a8gCaIAaLPaiUoQhdTC015tRuAKObQ:rsmaIrPaikhvftA9OE
Score

1^/10
behavioral30 behavioral31
- Target
  
  EndpointProtectionClient.Net.dll
- Size
  
  88KB
- MD5
  
  445d21f2f263713b328036d907dc3787
- SHA1
  
  2d0d83e33cb45fe2b8c22fa3a00f2a56c9c1eec0
- SHA256
  
  da3131ffd9263736083efbc26cc855117066188095d61716f0e79c69efc68e38
- SHA512
  
  4c3174463340fe7bf2f84ae3e2da860e9932e35561c83f95903d864c46b8938b486d4d07680e4f2ff89c6785122fd5e5cf70eeea7626adf43267d38dfa8c2f15
- SSDEEP
  
  1536:fIlS2mpMhxOb+nlKDek/yifRkdf486waBxIstxRcTUkmeeSLmEJJpIP8jmVStOfY:glS24qwK+ek/yifRc486b7Ist/cIkmeR
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32