一键开启关闭Windows Defender[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

一键开启关闭Windows Defender.exe
Size

189KB
MD5

ce35ae5f232d141eb1a8f677ba95aae9
SHA1

2f8bb225c79c017661cc4d199fc63f5512fb7a00
SHA256

85e87b9bb021090412e0f2fd8a9da0a28c0c318c8cc9ad89113ca8d6c0b63740
SHA512

6186afeab077fd56870550d7ae8124d48e407e57209ec51da36a380af8f563851ff7a51d0bbeeeae94ca1ebe212b9aa52f851c06b12f37a409f21ebe47930a3d
SSDEEP

1536:kLTebfHT+UfapGk/qEIbXEb32osGPidHT+UfapGk+Au:yebi7qEQUQ+iYSAu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
一键开启关闭Windows Defender.exe

Files

一键开启关闭Windows Defender.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ