General

  • Target

    b17b6e066246c72a8cebea483fafe5bf6cb1625aa1f1ab26222acc515afb3c8f

  • Size

    552KB

  • MD5

    dbfe55ee011498eec26d3e93ec858efa

  • SHA1

    e57616fc6f9ec11db393d08f96f3bfcf961528d3

  • SHA256

    b17b6e066246c72a8cebea483fafe5bf6cb1625aa1f1ab26222acc515afb3c8f

  • SHA512

    4b16dd1ac76978250dcab9897a65d61b929d0ffd10829db3852dd0b177d6111b463b062917ef8fb9dfca1993926e8d2977a7fb1b0438a34c5014518bd50b957d

  • SSDEEP

    12288:QRekyTcsX2JpKOFggOVSIxHbWsKBQ+Q78e/dTPGTn8L8u1msvDDDQihm6x4G8jHk:QYDTcxOdxH2Q

Score
10/10

Malware Config

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • b17b6e066246c72a8cebea483fafe5bf6cb1625aa1f1ab26222acc515afb3c8f
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

