General

  • Target

    testmalware.zip

  • Size

    19.3MB

  • MD5

    9740d22bf26537f1d4017d8efb595d91

  • SHA1

    7ef8e6f26deabd5be220a77451caaf8f7ab37b39

  • SHA256

    64f8abfef6a39a1bbfee395390be4d7d9a0af111e8e7c2745e60f437ae226cc0

  • SHA512

    5fc4a257d8a4711917be27c4ab417f36bbd07c0c2c9c75e8f07ff994d399501d2849387ee9cd7e3ebb8ea7ebb40b590f27d907c67d7a5c320a29405499fed7cd

  • SSDEEP

    393216:3H0HQ2uLoCyon/3Q212PHGSYsndaypsiVPtby/L8ytEUGRnVl:3H0w5sju/3DwOE75FtbA/Et

Score
10/10

Malware Config

Signatures

  • Contains code to disable Windows Defender 2 IoCs

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Checks for this command that runs a batch script as administrator: net session >nul 2>&1 || (powershell start -verb runas '"%~0"' &exit /b) 4 IoCs

    The command is used in malicious scripts to make sure they run as Administrator: net session fails unless the process is elevated, so on failure the script relaunches itself through PowerShell's Start-Process -Verb RunAs (triggering a UAC prompt) and exits the unelevated copy.

  • Detects Pyinstaller 2 IoCs
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.
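
The three static signatures above (the batch self-elevation idiom, Defender-disabling commands, and the missing Authenticode signature) plus the PyInstaller detection can be reproduced offline. The following is an added example written for this page, not the sandbox's own signature code: it scans script text for the elevation idiom and Set-MpPreference disable switches, looks for the PyInstaller CArchive cookie, and checks whether a PE's security data directory (index 4) is populated. The sample batch text and the minimal PE image are constructed inline for illustration and are not the files from this report.

```python
import re
import struct

# Signature: the batch self-elevation idiom quoted in the report.
ELEVATION_RE = re.compile(
    r"net\s+session\s*>\s*nul\s+2>&1\s*\|\|\s*\(\s*powershell\s+start\s+-verb\s+runas",
    re.IGNORECASE,
)

# Signature: PowerShell Set-MpPreference switches that turn off Defender features.
DEFENDER_RE = re.compile(
    r"Set-MpPreference\b[^\r\n]*-(DisableRealtimeMonitoring|DisableBlockAtFirstSeen"
    r"|DisableIOAVProtection|DisableBehaviorMonitoring|DisableScriptScanning)",
    re.IGNORECASE,
)

# PyInstaller bootloader cookie (CArchive MAGIC) found in the executable's overlay.
PYINSTALLER_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"

# Constructed sample batch script (not one of the report's files).
SAMPLE_BAT = r'''@echo off
net session >nul 2>&1 || (powershell start -verb runas '"%~0"' &exit /b)
powershell -Command "Set-MpPreference -DisableRealtimeMonitoring $true"
powershell Set-MpPreference -DisableBlockAtFirstSeen $true
echo done
'''


def scan_script(text):
    """Return (signature, line_number) hits for the two script signatures."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if ELEVATION_RE.search(line):
            hits.append(("self_elevation", lineno))
        if DEFENDER_RE.search(line):
            hits.append(("defender_disable", lineno))
    return hits


def has_pyinstaller_cookie(data):
    """True if the PyInstaller archive cookie appears anywhere in the bytes."""
    return PYINSTALLER_MAGIC in data


def pe_has_authenticode(data):
    """True if IMAGE_DIRECTORY_ENTRY_SECURITY (index 4) has a non-zero offset and size.

    For the security directory the first dword is a file offset, not an RVA,
    but the emptiness test is the same: both fields zero means no certificate table.
    """
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER (20 bytes)
    opt = coff + 20                          # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    pe32plus = magic == 0x20B
    num_rva = struct.unpack_from("<I", data, opt + (108 if pe32plus else 92))[0]
    if num_rva <= 4:
        return False                         # no security entry present at all
    dd_start = opt + (112 if pe32plus else 96)
    offset, size = struct.unpack_from("<II", data, dd_start + 4 * 8)
    return offset != 0 and size != 0


def build_sample_pe(signed):
    """Constructed minimal PE32+ header (no sections) for demonstration only."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)    # e_lfanew -> PE signature right after DOS header
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)  # x64, SizeOfOptionalHeader=240
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)    # PE32+ magic
    struct.pack_into("<I", opt, 108, 16)     # NumberOfRvaAndSizes
    if signed:
        # Hypothetical certificate table location/size; values are placeholders.
        struct.pack_into("<II", opt, 112 + 4 * 8, 0x3000, 0x1A8)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    print(scan_script(SAMPLE_BAT))
    print("pyinstaller:", has_pyinstaller_cookie(b"\x00" * 16 + PYINSTALLER_MAGIC))
    print("signed:", pe_has_authenticode(build_sample_pe(True)),
          "unsigned:", pe_has_authenticode(build_sample_pe(False)))
```

A populated security directory only shows that a certificate table is present; it says nothing about whether the signature verifies or who signed it, so a "signed" result from this check still needs Get-AuthenticodeSignature or signtool verify on a Windows host.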

Files

  • testmalware.zip
    .zip
  • ApokalypseX.bat
    .bat .vbs
  • ByteVaultX.exe
    .exe windows:5 windows x64 arch:x64

    f4f2e2b03fe5666a721620fcea3aea9b

  • ByteVaultX.pyc
  • D34TH 3.0 Horror Edition.bat
  • D34TH 4.0.bat
  • D34TH 5.0 .bat
  • D34TH_6.0.exe
    .exe windows:5 windows x64 arch:x64

    023abd09c65289e3a2df4aa2b19cccec

  • rwifoujn.txt.exe.png.pyc
  • DefenseKiller.bat
    .bat .vbs