Static task: static1
Behavioral task: behavioral1
Sample: 8957d0b2b03b8f56fa7d60f4cafbe98f12adae548e66e21ec25e5cb224979e36.exe
Resource: win7v200430
Behavioral task: behavioral2
Sample: 8957d0b2b03b8f56fa7d60f4cafbe98f12adae548e66e21ec25e5cb224979e36.exe
Resource: win10
General
Target: 8957d0b2b03b8f56fa7d60f4cafbe98f12adae548e66e21ec25e5cb224979e36
Size: 28KB
MD5: dcc35e49ac1c768d838efe3b161fb5f9
SHA1: 50371cc42402d94cfb43e9942d1a506174839eb1
SHA256: 8957d0b2b03b8f56fa7d60f4cafbe98f12adae548e66e21ec25e5cb224979e36
SHA512: 49cdeeca2e02fbea5d541bb2198eca81b34359714392efdf1e6f5eb460c339c03f7d3c2e0482915e0c211fda0932bd174a8eb3a18f1de24d36103ad27f94cb20
Malware Config
Signatures
Contains code to disable Windows Defender (1 IoC)
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
Processes:
resource: sample
yara_rule: disable_win_def
Files
8957d0b2b03b8f56fa7d60f4cafbe98f12adae548e66e21ec25e5cb224979e36.exe windows x86