General

  • Target

    2024-09-25_594f57ca9876b750779238bb154e883d_cobalt-strike_megazord

  • Size

    13.8MB

  • MD5

    594f57ca9876b750779238bb154e883d

  • SHA1

    90d8eb4ef895f681b8c2f2423e9ba350f7fc4033

  • SHA256

    e5989c706cd9d7a368e16f23f04d613bbeaebb703ac0983a56532ee9c77a9dc5

  • SHA512

    afaaf971e56a4858cc7e2200c2baf2b48fa85ea8ae3711a12069d56b6b84489164a5e36db40be0deed85a0581fc19c65f54187e93151eea3b75cb1b3bdd950a2

  • SSDEEP

    196608:466uJaZU4bQP8f4rsTGDjXu5RT01+3bMqobmOb5:djaZgP8k3so1+3Dol

Score
10/10

Malware Config

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2024-09-25_594f57ca9876b750779238bb154e883d_cobalt-strike_megazord
    .exe windows:6 windows x64 arch:x64

    753845d2c9ef7d478e4225bf1d78584a

