General
-
Target
74bd0a0f99f46bfc7106edc3f4d360d9c0bdcba209cbedb685f2131c9482cc3b
-
Size
145KB
-
Sample
220524-sae5msagfl
-
MD5
598216c1f4df42b96265e40d826a029b
-
SHA1
5299280a7093ece1ce4cc8bd9dbbd57115cf93a2
-
SHA256
74bd0a0f99f46bfc7106edc3f4d360d9c0bdcba209cbedb685f2131c9482cc3b
-
SHA512
ea4d008e55c16157e1374b03d142ddb34fe219114f42c6f49fb0f9b0a7c9e0abe5be0e97162a2fe820ec7b7d3a8daa4acdf2324df44445d1190e23da1a0d59b2
Static task
static1
Behavioral task
behavioral1
Sample
74bd0a0f99f46bfc7106edc3f4d360d9c0bdcba209cbedb685f2131c9482cc3b.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
74bd0a0f99f46bfc7106edc3f4d360d9c0bdcba209cbedb685f2131c9482cc3b.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
74bd0a0f99f46bfc7106edc3f4d360d9c0bdcba209cbedb685f2131c9482cc3b
-
Size
145KB
-
Score
10/10
-
Contains code to disable Windows Defender
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
CoreEntity .NET Packer
A .NET packer called CoreEntity that embeds the payload as a Bitmap object, which is later decrypted.
-
Suspicious use of SetThreadContext
-