blackguard | 441c2122ba0ab777dc898e41c5d79c5c4d92c8c0d966b5dd61f3dcbb4038bbc7 | Triage

Sharing

General

Target

441c2122ba0ab777dc898e41c5d79c5c4d92c8c0d966b5dd61f3dcbb4038bbc7
Size

2.1MB
MD5

ae76d4d79e14d8243ce1ccea73538891
SHA1

a677837978455c2ed63bb81909c2702577ccb353
SHA256

441c2122ba0ab777dc898e41c5d79c5c4d92c8c0d966b5dd61f3dcbb4038bbc7
SHA512

4c925b578563dbc03d246876d8d91c24631134446d129b534b8e35d6ba6a30041ff05c641fd962353b9e808be2218e70c2a12f9fe1a796b582a00ae6412314db
SSDEEP

24576:cuILGblwKgf70b6sAUmLuBUJ/KE/dFdy8goDSGIt6:cwlS0bBmQKRynqS

Score

10^/10

blackguard

Malware Config

Signatures

Blackguard family
blackguard

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
441c2122ba0ab777dc898e41c5d79c5c4d92c8c0d966b5dd61f3dcbb4038bbc7

Files

441c2122ba0ab777dc898e41c5d79c5c4d92c8c0d966b5dd61f3dcbb4038bbc7
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ