General

  • Target

    Chernobyl.exe

  • Size

    418KB

  • MD5

    f5007f18070e9cfc0b23c5ebb25c4468

  • SHA1

    cf430806009fe87580705a85474a8604c84292fe

  • SHA256

    18f27d42b09fe462af83c3ec3e82842e09a7db2e9c69cb6044e977b7af87a3c9

  • SHA512

    7b9de630ea04314813895e2dc8908429bc393f2a7c0dd50ed1ac7802f8ba3d36998886bd9da3dd7c857a992dd9aecf016eb55a0cb33a3b234fa1e3137f094c50

  • SSDEEP

    6144:kibkUpo02222222222222222222222222222222222222222222222222222222u:ytH0NOZzv4TatsNqaJx

Score
10/10

Malware Config

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Chernobyl.exe
    .exe windows:4 windows x64 arch:x64

