blackguard | a9aaf85ab57a036256ba70a19f52a8b03854e0ac121c2c59cda7bcce004fd69c

Sharing

Copy URL

Twitter E-mail

General

Target

REPO.zip
Size

380.0MB
Sample

250321-z1dststm18
MD5

444922c09c4d50f35b0f223caf93bceb
SHA1

e5a4c3d1377ecc3be0887f802341b6bdc551bef7
SHA256

a9aaf85ab57a036256ba70a19f52a8b03854e0ac121c2c59cda7bcce004fd69c
SHA512

92b7ebcab12f8d158a8b87bfe94e0b872fb2fb3a9d4443fe12c9d1bd2244cd69e1beb70d7c6ce7025d5a7f03f6b8dbec1e730560e4d96da585f06682d4cfef55
SSDEEP

6291456:I44flgqxHpHnuWHlYHtUrhtVDY/NfYlolWTc+MxB0tLKH3pXTteRNHghWVuKXnNL:I449gSJHryHGzW/pYLTc+6Cg3FTtOEWT

Score

10^/10

blackguard

Malware Config

Targets

- Target
  
  REPO/REPO_Data/Managed/Facepunch.Steamworks.Win64.dll
- Size
  
  534KB
- MD5
  
  9b6881f3af33f662ee9a2a8f07016b98
- SHA1
  
  06e4b53d3d7177d2465c9f53e7881a8c4cfb8ac0
- SHA256
  
  7f4e025564e9b2dd6ac248727b37c9767212c567b18a422629256737524d23b8
- SHA512
  
  39bf3ffa5456db92f5d44c78764efc6cdc5a4c52e7493a1a1940dbbcf4268120538b0b86db3ccdbf9cc3453b11ef3d6827db4fa38ce18968f38829a1e600253e
- SSDEEP
  
  12288:4dMCyDIDge2t7yOcEXJ5HfuhftgUT2lCeamE:sVDge2t7JJ5/2ftgUT2lCeamE
Score

1^/10
behavioral1 behavioral2
- Target
  
  REPO/REPO_Data/Managed/FbxBuildTestAssets.dll
- Size
  
  4KB
- MD5
  
  5d6fee6175cdebaa2ee128150bd29a29
- SHA1
  
  c8c198a9ac713943e7fca4623ceabfe1ac6b31e7
- SHA256
  
  5ffe4702625dc8f3db2b3b04e3cf298485a680701798c7eae954728ccbeb4e00
- SHA512
  
  07ba446824fd886aad73104facd9c6d91d5dbe257dc78951928a934718b11841bf29855882d5bcb66ee168a786ea2fb4ab8ecda1bcae816aef91c078ae92df18
- SSDEEP
  
  48:6aIm+l597exYV1t40A11KH2bHYZ+IM81qYJQlMtNu/UKhkxkanFOELrfKLditlup:CbvvVeo2bHFeI4NAU0kxkAvX2diGXi
Score

1^/10
behavioral3 behavioral4
- Target
  
  REPO/REPO_Data/Managed/Klattersynth.dll
- Size
  
  84KB
- MD5
  
  09b4f29cae5f08a0c8eba1ee96e17fff
- SHA1
  
  a8065580be301bf497a139bf9783caff903e196c
- SHA256
  
  790ef9d885034936bc7a1ef2298f47faa10b51b5e3637eacca7c39425386a47b
- SHA512
  
  6c56435c34be5bae444758a7463d4c57dab6ed1961ae6cd73da3477e09101898106606bee718670101f8ccaa596883e8ba340b0439ab4defea2d1d540bbd9d93
- SSDEEP
  
  1536:P6SuniFrszCg3tGsPJsvKssp6a2+Pm+hH8IfHXwpMXwp1vKvvKAJCXHOHJCFwBfO:POidsGC0CsQG9AQrN+U
Score

1^/10
behavioral5 behavioral6
- Target
  
  REPO/REPO_Data/Managed/Mono.Security.dll
- Size
  
  235KB
- MD5
  
  0841dfacf30ea97bd834716188a2d08f
- SHA1
  
  61465571018211f19b29a012323c3bfed788b0d4
- SHA256
  
  98d714abde46476d8ec2a729d178fd24b9bb86cfa6416defac6b46220143181d
- SHA512
  
  79dc5ad0b44fa9eb272e16b625c560ca946411b3862deca2395c888130f07e09c28ee0b97b9f0a5225c4ca932901ba0616e659d34bda7d676be2409a16e27076
- SSDEEP
  
  6144:0UjTQ70cnf8MoVRxS9iJdBF119RJXG2y2+Q:lEiH119RJXV3
Score

1^/10
behavioral7 behavioral8
- Target
  
  REPO/REPO_Data/Managed/Newtonsoft.Json.dll
- Size
  
  675KB
- MD5
  
  d751086b7423fd5580b5e909b06217b9
- SHA1
  
  c1707b17df636cd6d4a804361fc6ead4ef9db5cf
- SHA256
  
  a56146202232958f46bd6a28b5a7da166aea123ee0d646735a46e5c341dfbf1f
- SHA512
  
  86655b59ad62664a35a30807cce7dc2c2be8f1ece235f35dc9031873d255dc6f13a22b55d0386becbe927f007a14a6d936ba3861d1103af8f2fe16aa0afebe11
- SSDEEP
  
  12288:aBNYm5IWx4AhnIqjCfP4bYaRLL0eglBmjV+0kRqQCB0jEIF:aBum5I24A5LYa5g1ByNyq5B0jzF
Score

1^/10
behavioral10 behavioral9
- Target
  
  REPO/REPO_Data/Managed/Photon3Unity3D.dll
- Size
  
  232KB
- MD5
  
  f4ed63ecaa255abfea482446f8d43155
- SHA1
  
  c80b0994e2e8a3a8833e6cdceb0055bccd015056
- SHA256
  
  d761abef6f533d404303058da32016c78b76459a94e755d974a9739a6c5281bd
- SHA512
  
  f7f8c0ba9d8b9047be6dcbbe1201d3e471339bb2d5fdb826c42a401262c54162444de9966eb5709e764019abe98785cf79a5ace13d7a8392f77ddf277292a708
- SSDEEP
  
  3072:Nf46H2QQgPLVRyG1r3nD0ucDq9tpWKRUs7x0AQtJ0nfZGOIbmp:N922D3D0uceoKR376S3
Score

1^/10
behavioral11 behavioral12
- Target
  
  REPO/REPO_Data/Managed/PhotonChat.dll
- Size
  
  34KB
- MD5
  
  a28cf489498b43ee89b960a9169be6df
- SHA1
  
  f818696f937dbfb2a7b3d1043cff1b90edd42ff2
- SHA256
  
  5689cd7befce8a3ae46544e38acd103117485d99e867a3004be8340f1b78e5b3
- SHA512
  
  de4ce6bae73f1e92927ba34a8acb4e0feb15ad568f139894e25fc704ae18ed2d3c11b47f3d3cb13bd59cc95e2e47179eded9983e1b7e6c23efae987270239630
- SSDEEP
  
  768:rJhr6Q9dvc7eR4YZN6SjEFJV2OA7v7GZSoipovqZu:DbU7g4eDjxgSoipoX
Score

1^/10
behavioral13 behavioral14
- Target
  
  REPO/REPO_Data/Managed/PhotonRealtime.dll
- Size
  
  108KB
- MD5
  
  8df8c5b69f7954b6b6c3f0a91da889fd
- SHA1
  
  d77a81532cc99fa0bd98c2605b228339a6c42f01
- SHA256
  
  f0f356a2d993df2b28f1aab7fc6b1aa4f816457eef34cc8b0fa4ba4800ddd3db
- SHA512
  
  7ede4463805f523aacf5cbd7a6fae3c4bff4f6a3bc1058c229486bbf96b7fce716a1330d1d6c3a44a7d448180b1a743e99ed54240565323048223a847a469f87
- SSDEEP
  
  1536:WVTOM2THG6Swr8I2tkmmgnz++eeXyQNtxDVnLTU8uw35SwruSvBrKUGWrECDiSWm:WVXWlr8I2tkmmgFeiys/vBrKuoE
Score

1^/10
behavioral15 behavioral16
- Target
  
  REPO/REPO_Data/Managed/PhotonUnityNetworking.Utilities.dll
- Size
  
  60KB
- MD5
  
  e3b7cfc93928de70fb93ce7d674546e5
- SHA1
  
  d99a489885cdb4b77d360d6561b0c44ac6ce824e
- SHA256
  
  0d45649e308ad15029b54b2ce51b397ee1a5111ace658cd926cc4f144e8aad77
- SHA512
  
  cd492053eb531d09f757b7db0c2775b1b7f24e040eaf0bc076335e85155ded95028969f1db4ec63f46858f6fef7bf292abf503737210c1aee03ed508ece35349
- SSDEEP
  
  768:U8y9ampUpw0JZ5JDZLRxicvM7zGhhUhxipftWFfAKV7S:UBxpUpbvDZGXChKhxMUY
Score

1^/10
behavioral17 behavioral18
- Target
  
  REPO/REPO_Data/Managed/PhotonUnityNetworking.dll
- Size
  
  111KB
- MD5
  
  052d763c5f7089f4b35673d5833f63de
- SHA1
  
  3573aff0b6a1bc0242e23718b1bc62b307200bfe
- SHA256
  
  02d6d6e9c0948d35ca9b6043cd97b5866b954bda2fba02da4f3b909d61eccbd0
- SHA512
  
  2191a184501fb410f88d1bf0fdcac85e9cc27d61ef1337957c2acc9c812918629ac821feb9070ff70144a1bd0016b6d66d191f257b169c722a0d250ef7ab59fc
- SSDEEP
  
  3072:/LEnltIhDWP4IgIoMzjKsDo/AsJpgJPI:wfIhD041cznI
Score

1^/10
behavioral19 behavioral20
- Target
  
  REPO/REPO_Data/Managed/PhotonVoice.API.dll
- Size
  
  156KB
- MD5
  
  da1253b9c21a4d4fbaa8e2215bc979e7
- SHA1
  
  b75d905766baf1a8e9d212a25e35d6271c80f767
- SHA256
  
  0d6249d0832bf968e9905f771c6bd512984cf92b1a2cbaf989ca4da5262954c2
- SHA512
  
  83e557ef2022321e066a97369563e062a14a312c6ccf92e0761ac3341a75dae96db8873defe10b2d87591215d7ee750ccd34f421000c17e056b9d80a913c8353
- SSDEEP
  
  3072:2JzEZIbOtGUbzRe8kVIbwO1wtPqzDzr2W217Uknbp4vLgclbiRn:mQZIbO5lecwO2dqAUQ2LgG
Score

1^/10
behavioral21 behavioral22
- Target
  
  REPO/REPO_Data/Managed/PhotonVoice.PUN.dll
- Size
  
  18KB
- MD5
  
  55e0974b4cd8c2b9c1dc0f0a0e449d1f
- SHA1
  
  16a00d6269070f04eb00db3d90f3363c9a493689
- SHA256
  
  dc4bccd98a717ba2d529fb2d5bdcb6af29e3b32697f430f0350b619aedd00507
- SHA512
  
  d2e7c435da19f8fc416ff6141599f070a8abfa5ec61e77b2af4f3e7222e9c82fc6e8e464a043914f97a5ef4b9075e9b9da5da2b37968d001893a9ea7d7938213
- SSDEEP
  
  384:tRKiSkd4o6Bao9EStRPyrQnwE91q/Kb7TQPl:bSA6gjcPycnwE9Q/ATQt
Score

1^/10
behavioral23 behavioral24
- Target
  
  REPO/REPO_Data/Managed/PhotonVoice.dll
- Size
  
  76KB
- MD5
  
  9be8ca15d4873cbcf1dba1af830ee55b
- SHA1
  
  ac8cb14e750882e8f70e230a42ce3113ac24eb2c
- SHA256
  
  ba0d54a28ca8b571cc1ce13e34ff92e40d3fcf8786354e97bebb39819dd2af0a
- SHA512
  
  190269fe1e0f85401b7542592861c3735fdddff5cd4edf0a44bba75317075d40583c3b774f563119d24f3843725f2c6eccb016f51d1b6dc9bf0a830997537301
- SSDEEP
  
  1536:OvefD/AfAiPMi1ePBQJCSVAmTD1fcuZGKXNE2Y:Ov8D/AfAiPMi1aBrJm31fcvKXNEH
Score

1^/10
behavioral25 behavioral26
- Target
  
  REPO/REPO_Data/Managed/SingularityGroup.HotReload.Runtime.Public.dll
- Size
  
  6KB
- MD5
  
  a8896d46c75be1c79a9e3ab0616adb30
- SHA1
  
  f299e8198997402094a7bc15747f1313dcb6b55d
- SHA256
  
  b98195963d005d9062ef37c15ee2b4e83bbe5b172290ce80dcec85d8a3c6b022
- SHA512
  
  1d843a93633b771438a7815e76e26c92dfcc61a24f7878e3a3e08a5a6d62b2ebe29debc8faa7b00b134c896609796ca1e6494ac2151bef0802a8d7b41a4c5372
- SSDEEP
  
  96:pAMPwaFIJTYcHQOOO5lrSo42sW4MqxGRn1GkxkzvXgEXLFqQe3:ptwaFIJTvHJrPZ9qxGRVuzPgEXLFS
Score

1^/10
behavioral27 behavioral28
- Target
  
  REPO/REPO_Data/Managed/SingularityGroup.HotReload.Runtime.dll
- Size
  
  4KB
- MD5
  
  9b58eb5da4f187d49f855e134715b802
- SHA1
  
  e945359d805b07774fcf820d91e7154310a4483f
- SHA256
  
  ba2dd9367813b41c55f27364a5c2ab329f3ce729b8c3adfda31e251cc1a8239d
- SHA512
  
  0e5c7f69aa4bab03472cf0362c15e8736f8b5a113c2d0ebe14c9311535e6dc2bc824cf1cd4d486b3b2223388216b5f2d81829ee433db1f8c06be195f85f8bc05
Score

1^/10
behavioral29 behavioral30
- Target
  
  REPO/REPO_Data/Managed/Sirenix.OdinInspector.Attributes.dll
- Size
  
  100KB
- MD5
  
  9564a7c47e7c87441fab0fc62a0115bf
- SHA1
  
  6f6f3287d4abf3d289b2c8da55491d55cc5fe26d
- SHA256
  
  84e5d6292ff1c81e05692ac39380d734fe27e0f33cd84d51fad1a4ef6792e80f
- SHA512
  
  d174eadfaffc821b42302d4ac05bfbef569571612bf0d22a839b4d58f06aa353f5923a166a1387feb4026ec67e688e5e9422f3e0ea55ad1d4523763888efeb5f
- SSDEEP
  
  1536:SohCfsTEutZr0001ObG9w3X930OqO5dpzZU9Af/JKHlRZf42u6vUTKyqx:7Qx+B9E4fW9gKBf42uYNx
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32