General

  • Target

    41d2f1c62ff12739256123b0174e369c

  • Size

    381KB

  • MD5

    41d2f1c62ff12739256123b0174e369c

  • SHA1

    fb16186c8032c7e97ba64a052af8c71bd4e379cb

  • SHA256

    aa4383af8e035d0f96129cff4a2b066408ab59adce2f8c088eda69d447b02e2a

  • SHA512

    bdba75e31b4b9c534c4136f2fbbacc8a4380b15aecf7943c000d1fe00e6fbf8c7556e240601d67e534ce98817f4634d09f4204be41fdd4591d7e5db1616d3885

  • SSDEEP

    6144:Hr/H/wxDUbNH9mPDQHE5rBOI1WpUlca888nkglhhdhteiVur/nVEfaZqa4:Hr/H/WkHSQk5FOI2kgRBeiS/EM4

Score
10/10

Malware Config

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 41d2f1c62ff12739256123b0174e369c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

