44caliber | D0A927970E230756281222C063F1A06B4637623794A26[.]exe

General

Target

D0A927970E230756281222C063F1A06B4637623794A26.exe
Size

10.5MB
MD5

9e63a0aa4f26539beeccb7180568fc4e
SHA1

649f49bfa20647858a8073a9416648b76773cfc5
SHA256

d0a927970e230756281222c063f1a06b4637623794a26843381e4de3df3c277f
SHA512

a3acd7ec1400ccc482239440450ef8df6719dd29ce6290b9f47764030a4e5b47ceb97ce74c71bb156409848e85ceaa38069d2d4113f4043883ae0a28053a546b
SSDEEP

196608:gQGZ+hi7zj9AKm6gUU8gBk6cICteEroXxqwNE+sKsXXgvkec8SKyhzvZjXNDy:gb3GH6YkDInEroXlsKkXgsetWRZNu

Score

10^/10

44caliber family
44caliber
Contains code to disable Windows Defender 1 IoCs
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

Processes:

resource yara_rule

sample disable_win_def
Detects Pyinstaller 1 IoCs
pyinstaller

Processes:

resource yara_rule

sample pyinstaller

resource	yara_rule
sample	disable_win_def

resource	yara_rule
sample	pyinstaller