General
-
Target
f349c54c94b3edd91fb10d43b7aed1d98e685145856eae9fad65275ce3511047
-
Size
168KB
-
Sample
240526-fcv8esfd4t
-
MD5
35ce791eb47b9257a9643624954fc8a1
-
SHA1
7d8ee3c058b17329ceada2da7ddab2d805f43616
-
SHA256
f349c54c94b3edd91fb10d43b7aed1d98e685145856eae9fad65275ce3511047
-
SHA512
ab2e3e390889b19ebd687c1d612c106718a91bbe2eb885b235ecd7ff0f05875ef4e91b4ce119bdbf4ba8123c8424d5e40ae6cef73ad1830edd6230587c7e9b04
-
SSDEEP
3072:JG8K61I1fTdsb0RtO8s/J4GF7v98beBBOz3OCSLsb:JG8KOKf5sIRt3iJ4qv98bezO
Behavioral task
behavioral1
Sample
f349c54c94b3edd91fb10d43b7aed1d98e685145856eae9fad65275ce3511047.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
f349c54c94b3edd91fb10d43b7aed1d98e685145856eae9fad65275ce3511047
-
Size
168KB
-
MD5
35ce791eb47b9257a9643624954fc8a1
-
SHA1
7d8ee3c058b17329ceada2da7ddab2d805f43616
-
SHA256
f349c54c94b3edd91fb10d43b7aed1d98e685145856eae9fad65275ce3511047
-
SHA512
ab2e3e390889b19ebd687c1d612c106718a91bbe2eb885b235ecd7ff0f05875ef4e91b4ce119bdbf4ba8123c8424d5e40ae6cef73ad1830edd6230587c7e9b04
-
SSDEEP
3072:JG8K61I1fTdsb0RtO8s/J4GF7v98beBBOz3OCSLsb:JG8KOKf5sIRt3iJ4qv98bezO
-
Contains code to disable Windows Defender
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
Detects Windows executables referencing non-Windows User-Agents
-
Detects executables containing artifacts associated with disabling Widnows Defender
-
Detects executables embedding registry key / value combination indicative of disabling Windows Defender features
-
Detects file containing reversed ASEP Autorun registry keys
-