General

  • Target

    try.exe

  • Size

    82KB

  • MD5

    d1f850e8f665404ca512b35b7a944049

  • SHA1

    97627b3f92e5fca80caac125d85ceb935edf239c

  • SHA256

    5579ec327889e6c8818fb19b09e7acfb2b6c86d26c3da0e2e454d8d731827bed

  • SHA512

    f38de3689a4aae1be0b997d49fc7054f62540648cb370b4e363c3d3952cb3a412ed63f881cfc7c6800c7460aae401f48b666c324f46f3f91efd533753ac10eb6

  • SSDEEP

    1536:QAMfrTX01OrGpRZNdbv66Claewnph6Nu3qdMZyxuLz0dYltGBxcwYetf9b8NZ3xb:/Dewnphb8ugdZrcwTf9b63hDkOek

Score
10/10

Signatures

  • Contains code to disable Windows Defender 1 IoCs

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • try.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

