General
-
Target
P90P_PROXY.exe
-
Size
905KB
-
Sample
241006-zm1qfavfjn
-
MD5
551cd8e5461c68ec23ec11eab941c262
-
SHA1
bf16424415ff1562fa442981ed9f84cc167cab07
-
SHA256
9bca0051537823f2c31bebafa453130a549599f825241423c6bc8d8c6aa49f71
-
SHA512
52c645bbc7ab74588b3715d181f9412762f071fbc6ba5845b4b1eaf92b530f8835b4ed960f76a4b962fe3d48bd18844a79fa9557a26ae866f038526efcd40de7
-
SSDEEP
12288:vTEYAsROAsrt/uxduo1jB0Y96q1CCgLbY/0PejVdoXvvGabyl2OswS50LHvbdu+:vwT7rC6q1CZLoLzSylbswS54T1
Behavioral task
behavioral1
Sample
P90P_PROXY.exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
P90P_PROXY.exe
-
Size
905KB
-
MD5
551cd8e5461c68ec23ec11eab941c262
-
SHA1
bf16424415ff1562fa442981ed9f84cc167cab07
-
SHA256
9bca0051537823f2c31bebafa453130a549599f825241423c6bc8d8c6aa49f71
-
SHA512
52c645bbc7ab74588b3715d181f9412762f071fbc6ba5845b4b1eaf92b530f8835b4ed960f76a4b962fe3d48bd18844a79fa9557a26ae866f038526efcd40de7
-
SSDEEP
12288:vTEYAsROAsrt/uxduo1jB0Y96q1CCgLbY/0PejVdoXvvGabyl2OswS50LHvbdu+:vwT7rC6q1CZLoLzSylbswS54T1
-
Contains code to disable Windows Defender
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
Detects Eternity stealer
-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Disables Task Manager via registry modification
-
Drops startup file
-
Executes dropped EXE
-