Static task
static1
Behavioral task
behavioral1
Sample
39cb36fcd31d2322d55ea0c4bd3261fda84b765ed9063920ec2631d481b92468.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
39cb36fcd31d2322d55ea0c4bd3261fda84b765ed9063920ec2631d481b92468.exe
Resource
win10
General
-
Target
39cb36fcd31d2322d55ea0c4bd3261fda84b765ed9063920ec2631d481b92468
-
Size
28KB
-
MD5
d79868aba4eaa4ff394bb07ec2785d10
-
SHA1
4061cceb7ce3df2b38437a82815b86cdace2da8a
-
SHA256
39cb36fcd31d2322d55ea0c4bd3261fda84b765ed9063920ec2631d481b92468
-
SHA512
e65910ae20b8deee78844e9e1b15733273f709c4c5a9112197692935cbbb84365a29ed7b5fbc7d4c615b0c5dc47c9d797780ad398fba6224d4351a18bcda6bf3
Malware Config
Signatures
-
Contains code to disable Windows Defender 1 IoCs
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
Processes:
resource yara_rule sample disable_win_def
Files
-
39cb36fcd31d2322d55ea0c4bd3261fda84b765ed9063920ec2631d481b92468.exe windows x86