thanos | cbe82df60bb0dfd79f73daf59231727707e3a1ce8c8ba56a5d98e32d44aed4f5[.]bin[.]sample | Triage

Sharing

General

Target

cbe82df60bb0dfd79f73daf59231727707e3a1ce8c8ba56a5d98e32d44aed4f5.bin.sample
Size

87KB
MD5

71bd7a49a092452a5ccc24dd9ee1df1e
SHA1

f65636c5727f5f9da8b60e79d31a866711cc029a
SHA256

cbe82df60bb0dfd79f73daf59231727707e3a1ce8c8ba56a5d98e32d44aed4f5
SHA512

733fe4c4962110dfcc117543b1dad34c5dc647e94135857ee318881b9f08a055c7f6bbc2ce5340798b874e400b3945b919f60f13e141132742513d6f5fca8091

Score

10^/10

thanos

Malware Config

Signatures

Contains code to disable Windows Defender 1 IoCs
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

Processes:

resource yara_rule

sample disable_win_def

Thanos executable 1 IoCs

Processes:

resource	yara_rule
sample	family_thanos_ransomware

Thanos family
thanos

Files

cbe82df60bb0dfd79f73daf59231727707e3a1ce8c8ba56a5d98e32d44aed4f5.bin.sample
.exe windows x86