General

  • Target

    Client-built.exe

  • Size

    87KB

  • MD5

    4032893250638d7caceeac4aceda0151

  • SHA1

    a0660b9561f6e2c2ebf85f8589a5225a167319e6

  • SHA256

    17a4492a3273db5b5fea77e13b7b17879e869e171e5c9ece9e25595e76a1da78

  • SHA512

    90d323bb653ecea74faaa14aaffd2dd97b6e55639aa90f5d6f207f7f59a1d081c2f69678c1a743859b61ea52ae5528df090246b9040959553a64869238f315b7

  • SSDEEP

    1536:jZDcWe+Vj5tyksII/Jnyt+Dy/UtKJtVHbwKPrh+NzxCxoKV6+UtX3z:jxcr/Jnh+Ut0HbwKPrh+zNtXj

Score
10/10

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Discordrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Client-built.exe
    .exe windows:4 windows x64 arch:x64

