Overview

overview

10

Static

static

3

BRUTOFORCE....8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    BRUTOFORCE SEED V12.7.8.exe

  • Size

    40.2MB

  • Sample

    241208-ywfaestlg1

  • MD5

    52abb3e74164e2ad5878096bb6a3625e

  • SHA1

    6f2b960b05a788e7177320b16370613baac2a5e6

  • SHA256

    4430db9f5ed3a2cc612fcd4784f0774d0fc5d505ee5c1aa25234e1d27e85a3a8

  • SHA512

    a6b832560972ffe69c7a29b87dda53fe6dcf5f990724f2149df96c3ad233cf575658b59011ece904f2af3d138fe87d12703233636003fcd8cb46444398b5528f

  • SSDEEP

    786432:0cmyjMgsUCYEUhp9+baSgeB/WdLH8J+hvAdanW0u2AyM1:0RqMQCuz9W/2cYYdanW31

Score
10/10
blackguarddiscoveryspywarestealer

Malware Config

Targets

    • Target

      BRUTOFORCE SEED V12.7.8.exe

    • Size

      40.2MB

    • MD5

      52abb3e74164e2ad5878096bb6a3625e

    • SHA1

      6f2b960b05a788e7177320b16370613baac2a5e6

    • SHA256

      4430db9f5ed3a2cc612fcd4784f0774d0fc5d505ee5c1aa25234e1d27e85a3a8

    • SHA512

      a6b832560972ffe69c7a29b87dda53fe6dcf5f990724f2149df96c3ad233cf575658b59011ece904f2af3d138fe87d12703233636003fcd8cb46444398b5528f

    • SSDEEP

      786432:0cmyjMgsUCYEUhp9+baSgeB/WdLH8J+hvAdanW0u2AyM1:0RqMQCuz9W/2cYYdanW31

    Score
    10/10
    blackguarddiscoveryspywarestealer

    • BlackGuard

      Infostealer first seen in Late 2021.

      stealerblackguard

    • Blackguard family

      blackguard

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks