9376ba25bd7424ba71bfbe5e72441ab9_JaffaCakes118

General

Target

9376ba25bd7424ba71bfbe5e72441ab9_JaffaCakes118
Size

24KB
MD5

9376ba25bd7424ba71bfbe5e72441ab9
SHA1

d2e471afb544e18bd908645a7f2362773a1558e4
SHA256

5dc5afd87c0daa76a83d1872708d881a9a1b7a3cea0d3ba64030c3d1e3a95ebb
SHA512

e628619208eceb7c3c4d783c7295b75f424e00e0d34a611bc037060b6d3208c3c0557a4cebe0999229e37f3665f7ec3f2f2be86c4101ae9fe4451847b2cdad0a
SSDEEP

768:zT3CcIJtZK5Jye4Qn204L9D6b1KQPP8PU:zT3CcIJtZK5Jj4Q2Ub1tPP8PU

Score

10^/10

Contains code to disable Windows Defender 1 IoCs

A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

resource	yara_rule
sample	disable_win_def

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9376ba25bd7424ba71bfbe5e72441ab9_JaffaCakes118