blackguard | b5c8c6002977e825992622e5471400179daa371118dd99b090949b4050487111 | Triage

Sharing

General

Target

b5c8c6002977e825992622e5471400179daa371118dd99b090949b4050487111
Size

569KB
MD5

025c2c2b7b06f846e53c9aa56a87a4c2
SHA1

879b7bbbc6e2cbf756289af446030828f6a2539a
SHA256

b5c8c6002977e825992622e5471400179daa371118dd99b090949b4050487111
SHA512

9b7c2116fda6f6bad4790acd046c4bf61d271396fff4a78e2b59ae8f24e873498ae615b50ec964f81a6776d76eaed93c2fff6d33a812be3f75d466080d63f467
SSDEEP

12288:7sqVv8O4LiDPrjoEWmSkSSmZDIo3LRDDL:7Dn4ivoEWmSkPmOQRL

Score

10^/10

blackguard

Malware Config

Signatures

Blackguard family
blackguard

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5c8c6002977e825992622e5471400179daa371118dd99b090949b4050487111

Files

b5c8c6002977e825992622e5471400179daa371118dd99b090949b4050487111
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 567KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ