General

  • Target

    8d611985cb8101c86c2808c5977781287846a2ed0b4f196de61ac632c1f46ed7

  • Size

    932KB

  • MD5

    515544fb6f33abfff7b83f4c3589c3d9

  • SHA1

    53aa5502a94a12326b3f2799a28b2782c38e6168

  • SHA256

    8d611985cb8101c86c2808c5977781287846a2ed0b4f196de61ac632c1f46ed7

  • SHA512

    60b760308b41a2deaac615d78865fa893d6721652044f6b05a950fd9535eabef1e6613ce9b2e1265d83d48121d3c97a051c9e9f4d11d60e0c7cf6e35a3168ca8

  • SSDEEP

    24576:WwT7rC6qb3RhaoHAOk+UFenpumfuiEkZJ8:PrC6qb3NAOUSuMu/d

Score
10/10

Malware Config

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Detects Eternity stealer (1 IoC)
  • Eternity family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 8d611985cb8101c86c2808c5977781287846a2ed0b4f196de61ac632c1f46ed7
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

