General
-
Target
2b8652ca94dad29260004c12456e1bc6.bin
-
Size
225KB
-
MD5
b31048ffb0c80be3d28c4de27f69ffd4
-
SHA1
a861b5f4c03dd517e14ee73e3a581827028de01e
-
SHA256
0bde4198aeb642c24f203c71df9a1f9fc5b664021a48d3ccf556de6f936bf4f0
-
SHA512
aae96ac9ccabf61515f361230d1ea4ed1b6113f73db08881ce514612dec14e72e919143b1db28515f7ae71e0c54469e8a4d401533dd89b4fc0ae52626dac75d9
-
SSDEEP
6144:onPXpg95N+1HMLAjXphoyMxf+6ka91ks27hG:kuXOFKnbjksahG
Score
10/10
Malware Config
Signatures
-
Contains code to disable Windows Defender 1 IoCs
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2b8652ca94dad29260004c12456e1bc6.bin
Password: infected
-
ab46ea9e8a967b71edd17e24993c428336490f63b3765a917e738494d088f16a.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections