General
-
Target
SecuriteInfo.com.Trojan.GenericKD.43569931.17547.14217
-
Size
531KB
-
Sample
200801-m1bxavdzhx
-
MD5
17e2541126192fb39fcfd63c4ea3308a
-
SHA1
468cc15e755e368bc56c779ac801a95dffd6c4a9
-
SHA256
a1bf9a7b8d6dd555ea81443658567d3d5cd91cdf57ccdbaf9557db1531349f64
-
SHA512
8b9ad5da4ff25611e5d3cc1d7645a7ac9ea6b6c1e1f1dfb1953cd3c4fbd5cf3f5e86e1cf38a01aad787848eaa421ef7f1d242bc40a0567071143e53cb25df84c
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.GenericKD.43569931.17547.14217.exe
Resource
win7
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.GenericKD.43569931.17547.14217.exe
Resource
win10
Malware Config
Targets
-
Contains code to disable Windows Defender
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
Suspicious use of SetThreadContext
-