General
-
Target
blackmentwerkingunleaked.exe
-
Size
82KB
-
MD5
9002d1c0c308ffeca470f16686288f51
-
SHA1
4c80d7c6fe9ae3d7c60d3ef809d1310cadc21f8a
-
SHA256
89e541b0b20ae57fbef9fd77e809ea6b65a529a83ebfa60388893191a0d5f73b
-
SHA512
7b686881e9f2fcac64ff0b957f748cae8d47e8f0f34a8bb70d90c8ce1aa6f94d00620d3ed41690ae43dcbfe719b20786d74282dfce853cac87154bd838e8302a
-
SSDEEP
1536:/AMfrTX01OrGpRZNdbv66Claewnph6NuHMdgtVqxjXuX27iW8f9bqNhJxj+kOeaH:6DewnphzIxXuX27uf9bIJh+kOeC
Score
10/10
Malware Config
Signatures
-
Contains code to disable Windows Defender 1 IoCs
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
StormKitty payload 1 IoCs
-
Stormkitty family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
blackmentwerkingunleaked.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections