blackguard

Sharing

Copy URL

Twitter E-mail

General

Target

dsa.7z
Size

31.6MB
Sample

250207-16bfbszrgz
MD5

29df20c3ab674d32dbff4ad9d2cae227
SHA1

53b1252248cf35260f31243e7167486a6ceb508f
SHA256

dfea5761c13795a4eac03f0e150f92eae0c7fd2b1be234bc53cf3726f8aacdbd
SHA512

da31410916079c47fdc55cf66e7a98240a85fc785ece94c252c81a11814756af7ca1b8900065d62559a912ddb554a76e79447ca7ffdf6ac6ddc54a694c3f35e1
SSDEEP

786432:p+lahZxH62fanCSUpfUfp+iZPcdDfK3BpEJz/RbRMzDIfka:prJinCdU8iZkdDBRbGIl

Score

10^/10

Malware Config

Targets

- Target
  
  BlackGuard Stealer Builder/Builder/Builder.exe
- Size
  
  9.7MB
- MD5
  
  11ee415ffe942a18f5429802a56b5a08
- SHA1
  
  1536b8d10f827c2a483d9b4c7423b3ae9b35772a
- SHA256
  
  8556a420ce8441261c575e1f030ad2d90a69d08bae576f7db921dd727925a291
- SHA512
  
  0c984827933e8e6fcc2ac4f64bef598cab884c9cbb8da4376e9beb9c030dc57c54e72f25a6ec25acbb07472f19fe4639ceefa20627775ad828b23740411737b7
- SSDEEP
  
  196608:ZlIMJxeJxgVN8iNIS6bF8Yrz1x3PQha9:ZlIMmJxgX3YrzT
Score

10^/10

blackguard discovery stealer
- BlackGuard
  Infostealer first seen in Late 2021.
  stealer blackguard
- Blackguard family
  blackguard
- Downloads MZ/PE file
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  BlackGuard Stealer Builder/Builder/dnlib.dll
- Size
  
  1.1MB
- MD5
  
  de0069c4097c987bd30ebe8155a8af35
- SHA1
  
  aced007f4d852d7b84c689a92d9c36e24381d375
- SHA256
  
  83445595d38a8e33513b33dfc201983af4746e5327c9bed470a6282d91d539b6
- SHA512
  
  66c45818e5c555e5250f8250ea704bc4ca32ddb4d5824c852ae5dc0f264b009af73c7c1e0db1b74c14ee6b612608d939386da23b56520cac415cd5a8f60a5502
- SSDEEP
  
  24576:m+pL+hwfQvqx+yLjynb1YNzh/CNX7fegPeH3hid3Hc9ZEu5DkU6FPepU1VWv7fo0:sxvCLUJ
Score

1^/10
behavioral3 behavioral4
- Target
  
  BlackGuard Stealer Builder/Panel/www/32/SQLite.Interop.dll
- Size
  
  1.3MB
- MD5
  
  7fa539853da1972bdb600565cb1391f5
- SHA1
  
  03e9b5a1cedb8aee0f923e125fda88c7a853a284
- SHA256
  
  c83fddaa688914d5b3b6eb6ee675c1e2d7e18f6a6a2b08cc8a3743473f6faf00
- SHA512
  
  4c5984d537b5fc7be927ed7afb6ea620088ef232baa552a4e9c5d5369327f6eb1d5fd490d38805a3886f3858ff9a5d0a63fe4e91242cb1931398d6e9ff6d1b01
- SSDEEP
  
  24576:u8+tzVT3XoTeQWEUkkcyhjY2oMn/nAw2T9rDWkzivZjptHVlev2RBmf:ktzJ2gHIww9mk8pZOv2R4
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral5 behavioral6
- Target
  
  BlackGuard Stealer Builder/Panel/www/64/SQLite.Interop.dll
- Size
  
  1.6MB
- MD5
  
  616827a61d7a49ce5389c5d96443e35d
- SHA1
  
  d522ee5607e122e775d77641dba09711146db739
- SHA256
  
  54d4025bc175de5367d0ace1a78fec7edf06b642892691cf85afb02b8ab166d5
- SHA512
  
  fd6a53cb9851e56b8dc6a40627058852f2949688b73dacf6f3e0fcf932453b8c52a3bfefb12c80c38397a89f1038ad8fad329ea2798b86457ce5d8fe7ba87312
- SSDEEP
  
  24576:OFZGH4BNxe0T/3azYNf6M5q4Kf3ghEsSZCdhhs2s90LkZGOvZgSEd:OFZ1x6Y6MoX/g4sdbsf90L7
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral7 behavioral8
- Target
  
  BlackGuard Stealer Builder/Panel/www/files/pclzip.lib.php
- Size
  
  248KB
- MD5
  
  ead334b034ed780460017929521a3ed2
- SHA1
  
  bce3fd2ad1caa8878321d24b1a498bbbd46dec5a
- SHA256
  
  33daaee0f2a6dabe9b77e97ed9732da1bc50893de32f6cf510af847a4d1edf6c
- SHA512
  
  e7c9b752ed83fab9dbb9c08e99f6347419d7982b09837e139a51e2f19f043eccf0973d40644b248ce6a3167dc6b17d806a33d33ea559545e86cd811cea180e62
- SSDEEP
  
  3072:dnfnIjNzHYxtCWOO6dA0h5ThqW3jByjDt:dnvIjNzHYxtCWOOWA0XTV3jByjJ
Score

8^/10

discovery execution
- Downloads MZ/PE file
behavioral10 behavioral9
- Target
  
  BlackGuard Stealer Builder/Panel/www/index.html
- Size
  
  3KB
- MD5
  
  5fbfd8ac647093f681cf8d6bc8fe4006
- SHA1
  
  905da6edf70f565827b77bec48be329394e34270
- SHA256
  
  41aff06db338a76292e450c255b908668f117309811102ffc5fa06ad832895a7
- SHA512
  
  1a026c1d128f47a35a945c51ab4ef49b20693b071960706df09c9ce4764af3460bced88aba73036a6c55891d3704bffe7cacc2862ecc4aee0ac258bdd4d24160
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  BlackGuard Stealer Builder/Panel/www/panel/js/func.js
- Size
  
  6KB
- MD5
  
  e2a961dc9b6249a42fdc687623de240b
- SHA1
  
  c9f858861b01d779f9bbd25e26bee2243c589447
- SHA256
  
  64962cfee4184ca4b857114c0739b3526c8c39298f8b6894b957a1cf4dd16457
- SHA512
  
  18544880282359fec251530099c779d87a55c7423319d62faeb102332d40d2ca129e79baa8b20a890f48f229251ba866783fc95009f1ddbcd769d8b8260b58db
- SSDEEP
  
  192:b5Hf7fK/JM9c6GImysnEYfdRp+tfHpefj:N+JM9YImFEMpCk
Score

8^/10

execution discovery
- Downloads MZ/PE file
behavioral13 behavioral14
- Target
  
  BlackGuard Stealer Builder/Panel/www/panel/pages/footer.php
- Size
  
  2KB
- MD5
  
  6babceef9f04bf5ba4017c8f77d11b63
- SHA1
  
  68ee154e2acb2d1727656a7c7e5e08fb5ef88033
- SHA256
  
  cc49f3852daf9aafcd71a7bd8278ba68cb961ec431b4ae6897142eaeba13c2e7
- SHA512
  
  4a780b73a35ecf3694017df56103ba604a8e1a0a3d6f8d3e0ab461ec2e138e07c2207f9a072a07b2555110e2f2f5ff63edba597b9b5cfa4fb71dacf726ce5ebf
Score

8^/10

execution discovery
- Downloads MZ/PE file
behavioral15 behavioral16
- Target
  
  BlackGuard Stealer Builder/Panel/www/panel/pages/head.php
- Size
  
  3KB
- MD5
  
  f50d82475fe6474568dcf069fe883b11
- SHA1
  
  bdfe63c7d1f5edd273d76e74843b109c3191e495
- SHA256
  
  202b80041027255f80db3ed00041aeea1b83b2ce615c8bd59651e35ea354e12d
- SHA512
  
  d330c37e8a67aef81b8eca5859a1d86587d8285db53503fb61ba4ad7c45a9e6a25aafbc6e702de41b0eee9638c43e83589e8029e819ae87d2f07f783a9c39322
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Blackguard family

Downloads MZ/PE file

Loads dropped DLL

Downloads MZ/PE file

Downloads MZ/PE file

Downloads MZ/PE file

Downloads MZ/PE file

Downloads MZ/PE file

Downloads MZ/PE file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18