dc48bc839225b4993d25e2aa787feb4a84c5701b605cc5556be20c4e2026b598_JC[.]exe

General

Target

dc48bc839225b4993d25e2aa787feb4a84c5701b605cc5556be20c4e2026b598_JC.exe
Size

670KB
MD5

dae18358a1c40ab35e8082119cbf57f8
SHA1

9c929c1d5187c7aecfd65b8bad05f55413ee90ba
SHA256

f69b5927831a69dba60641bb8ebcf3b13aaefb30447544687689d1e981b35443
SHA512

65d8163ab2a834ccf6917b86844761fc52c4ac676c56d0236594864df1092ad6dcd37e337d074a1b1ce8b1843a6a5d8c8dbc6249288fc502388f8597c0a8d3b8
SSDEEP

12288:YyGE/Eai1WU//Vi9ulJC/4ZDPA4a272dpUQIxEdjeOJWruqs/g0BOPIMbxg2f1GW:Yy//1iPVi9uEUSlNlDoNpDrt

Score

10^/10

Contains code to disable Windows Defender 1 IoCs

A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

resource	yara_rule
sample	disable_win_def