blackguard | fad398fd1100f4afa63068f3d41a7c9be46102b9229c8e43ea6335ad59ac55fb | Triage

Sharing

General

Target

R.E.P.O.v0.1.2-OFME.rar
Size

386.1MB
Sample

250321-qyesnstms4
MD5

3272e8d6f9d92fdf583f26b047cd823c
SHA1

b539a3e69b8d92b2c48c935f3051ab4b68b3aa34
SHA256

fad398fd1100f4afa63068f3d41a7c9be46102b9229c8e43ea6335ad59ac55fb
SHA512

364c8d38f5d1b8323eb1bdc3d8548ca2630493e7982a9db6e75c21994979d9adeaba8575c114a78e9fc33d9738177f06c08bc534db27e4e3dd9d5491e334e0d7
SSDEEP

6291456:+WVq8Q31asIx4D31VWJTvRMmo5+YgdQAOYUazMVhJ34kYnsWD:rVkafyDoT5LYgwYehJ3lYnsWD

Score

10^/10

blackguard discovery

Malware Config

Targets

- Target
  
  R.E.P.O/OnlineFix.url
- Size
  
  46B
- MD5
  
  59bf167dc52a52f6e45f418f8c73ffa1
- SHA1
  
  fa006950a6a971e89d4a1c23070d458a30463999
- SHA256
  
  3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e
- SHA512
  
  00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26
Score

8^/10

discovery
- Downloads MZ/PE file
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  R.E.P.O/OnlineFix64.dll
- Size
  
  11.3MB
- MD5
  
  1dc3a9fd539541dfd04ba19b0e65a1bb
- SHA1
  
  2a0ab8d86a16546ee040d866dc8e7acc9888a12c
- SHA256
  
  316eba6541ee72195e949c04597a37309869f683b96561f558c231d796974b10
- SHA512
  
  0110d961a7d4ac14f075fdabb1c5366c73c76397b3b3f34df72991dd2cf14ced18a0293d49f48b2bb1eaac5206945aa4e7acac48fcd0c7380cc13a14558cfe50
- SSDEEP
  
  196608:V8PPzFUF/qRFyL7ekwe/G8hNJRWH035NoWVxqr1Pow3PISBQxJcX6Qz:WPPRgqRF+wLQjJHoWm1PowImQxGqQ
Score

1^/10
behavioral3 behavioral4
- Target
  
  R.E.P.O/REPO.exe
- Size
  
  651KB
- MD5
  
  37e2e7e012343ccef500133286fcbf27
- SHA1
  
  4b7e66039d04b14ddcfb580a6e6a395ea52222be
- SHA256
  
  1643ff9ed131adde7a22363f26d36308b4b4fb8f9ba61e5afce3b6803c5cb302
- SHA512
  
  418dcb69e506f42248c00459eb3fa5a576006fead83cb5372e5710a8e95265654c316bbb314e4b8afa69e393a7cdf01219b7e17095d1990ab418f0aed68c687e
- SSDEEP
  
  12288:c/744aOD8GVma8Vk2WbYq5qL7Lp4SKpRUzfBI4xa7iKXS:m9aO/Vma72z9KY7BID7iKi
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6