name[.]ps1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

name.ps1
Size

898B
MD5

c6dfdb86121df11da5f930bb0806868c
SHA1

bbc3d4d2817ee4b2e696c2d0775d903f742c6a9f
SHA256

dd5844c98e982c742808b624bc1bb1704761ebe3fe476b8767f78f8b049a5ec3
SHA512

ffbbdbf07d2a33f15dadaef52dfd65471b87c2753ae8bc0d2f1f445011b880b1696ae5f314defcbdf7d30f81388dfc54a1183f38173ee4632defcdd63edc0b5e

Score

10^/10

Malware Config

Signatures

Contains code to disable Windows Defender 1 IoCs

A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

resource	yara_rule
sample	disable_win_def

Files

name.ps1
.ps1