General

  • Target

    686c33f353aaa476f68a8e124cf1d6af.bin

  • Size

    227KB

  • MD5

    e9206ce8fc576f0b6e5063a18cb1810c

  • SHA1

    f753ee07013ae3d10d22e3cc2053620cb847d969

  • SHA256

    5c6f8fe7ec1ce3493cf4ed7840cc3fc55b74ddcbb4888bdcbe75e4b42accd620

  • SHA512

    c52a8213c69aaff8d82e7e805b693a2a6c63a6f7b9cbb5df36c98464f5ed5eabefdbb41840a56c6e8534c66a294d5753440ce9464fac83827cbc71f0b3666b9c

  • SSDEEP

    3072:AbNJ9HXnwZ2yXXIUuZrHBMCcM5axDxeGfWP5Hr2djvhvssRPOO+CjaGLcuFzc6py:Ax3eXXMHBMCc0axQv5wLROcH/RJpN5uD

Score
10/10

Malware Config

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 686c33f353aaa476f68a8e124cf1d6af.bin
    .zip

    Password: infected

  • dc48bc839225b4993d25e2aa787feb4a84c5701b605cc5556be20c4e2026b598.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

