disable_defen[.]bat | Triage

Sharing

Copy URL Twitter E-mail

General

Target

disable_defen.bat
Size

1KB
MD5

ad7f89cfa011b90c1c02e6a3cd510545
SHA1

c17f4d57deb93050d094e5a09d2f9e58abc252f9
SHA256

b49eda80fb9ce22634d8125a99ee53218eaa404f67d0a105dc675e101a265042
SHA512

191a583906502cced2ac95ae88e40d0bcab3454eafbf67a41e70447f531a7678fd5771a3bcd5f4dd1020d36f39cebddec72469b7830932822cb8c4ce82db80af

Score

10^/10

Malware Config

Signatures

Contains code to disable Windows Defender 1 IoCs

A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

resource	yara_rule
sample	disable_win_def

Files

disable_defen.bat