Static task
static1
Behavioral task
behavioral1
Sample
cbe82df60bb0dfd79f73daf59231727707e3a1ce8c8ba56a5d98e32d44aed4f5.bin.sample.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
cbe82df60bb0dfd79f73daf59231727707e3a1ce8c8ba56a5d98e32d44aed4f5.bin.sample.exe
Resource
win10v20210410
General
-
Target
cbe82df60bb0dfd79f73daf59231727707e3a1ce8c8ba56a5d98e32d44aed4f5.bin.sample
-
Size
87KB
-
MD5
71bd7a49a092452a5ccc24dd9ee1df1e
-
SHA1
f65636c5727f5f9da8b60e79d31a866711cc029a
-
SHA256
cbe82df60bb0dfd79f73daf59231727707e3a1ce8c8ba56a5d98e32d44aed4f5
-
SHA512
733fe4c4962110dfcc117543b1dad34c5dc647e94135857ee318881b9f08a055c7f6bbc2ce5340798b874e400b3945b919f60f13e141132742513d6f5fca8091
Malware Config
Signatures
-
Contains code to disable Windows Defender 1 IoCs
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
resource yara_rule sample disable_win_def -
Thanos executable 1 IoCs
resource yara_rule sample family_thanos_ransomware -
Thanos family
Files
-
cbe82df60bb0dfd79f73daf59231727707e3a1ce8c8ba56a5d98e32d44aed4f5.bin.sample.exe windows x86