General
-
Target
Silviozas Proxy.exe
-
Size
903KB
-
MD5
d6a38a9a0b7eb11945a25a72dbd398de
-
SHA1
29d340ff3b9f6866cf18c741326fb47dd3c496c8
-
SHA256
6bec7f62ef26d60a983b02bd2e9cac78608df3481f301b0d1e8e36be23cd1522
-
SHA512
5eb4eac3e569f92f0e23666cfae4a5ee73972b072cb0d81b898138eea76ad64fdbc64b77a8b4b99c234d504bdf3c9baea5dde32069c57d1065cce77b482704bf
-
SSDEEP
12288:OTEYAsROAsrt/uxduo1jB0Y96qwKxkNaYaBPbDb9xOTeFYvVHMPONEtn:OwT7rC6qwKx73brOTeFEVHtNq
Score
10/10
Malware Config
Signatures
-
Contains code to disable Windows Defender 1 IoCs
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
Detects Eternity stealer 1 IoCs
-
Eternity family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Silviozas Proxy.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections