General
-
Target
SecuriteInfo.com.Trojan.Inject3.39524.22027.11591
-
Size
152KB
-
Sample
201109-5af7fhq4m6
-
MD5
4b3cec4aaf6625c5ade4c14af160eeca
-
SHA1
5842ebc42f690da2a2e343f0f9f1af0007c49ce5
-
SHA256
f3eb876bdd52d2f6fb8a8dfe28fcff50129a1fd88f76b3e99c500357c36ff862
-
SHA512
542e59c109929785f80836dfa2067e4756ecf81e27dc43539ece0b67f8e23bc52739029f8fddcd968980285437d2e2242a175d02cfddeac5d196c38366d3a827
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.Inject3.39524.22027.11591.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Trojan.Inject3.39524.22027.11591
-
Size
152KB
-
MD5
4b3cec4aaf6625c5ade4c14af160eeca
-
SHA1
5842ebc42f690da2a2e343f0f9f1af0007c49ce5
-
SHA256
f3eb876bdd52d2f6fb8a8dfe28fcff50129a1fd88f76b3e99c500357c36ff862
-
SHA512
542e59c109929785f80836dfa2067e4756ecf81e27dc43539ece0b67f8e23bc52739029f8fddcd968980285437d2e2242a175d02cfddeac5d196c38366d3a827
-
Contains code to disable Windows Defender
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-