dc48bc839225b4993d25e2aa787feb4a84c5701b605cc5556be20c4e2026b598_JC[.]exe

General

Target

dc48bc839225b4993d25e2aa787feb4a84c5701b605cc5556be20c4e2026b598_JC.exe
Size

556KB
MD5

686c33f353aaa476f68a8e124cf1d6af
SHA1

7d78fe59708ae8953faead95eacae4cdf4212676
SHA256

dc48bc839225b4993d25e2aa787feb4a84c5701b605cc5556be20c4e2026b598
SHA512

2309d65ce1585bafafb750bcf1ec19d421e234d82eb321e612a4319c9210a02098c526eada3c926c4071b97df00fc3cda5d125cc310ed92cc79d2bfc7a23edd4
SSDEEP

12288:mDjwnRpIL85mX7kiaGnlUEmrlJC/4ZDPA4a272dpUQIxEdjeOJWruqs/g0BOPIMG:mn5rnafJ

Score

10^/10

Contains code to disable Windows Defender 1 IoCs

A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

resource	yara_rule
sample	disable_win_def

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc48bc839225b4993d25e2aa787feb4a84c5701b605cc5556be20c4e2026b598_JC.exe