General

  • Target

    SecuriteInfo.com.Trojan.MulDrop11.26182.3488.5151

  • Size

    531KB

  • Sample

    200801-1jqxkqks8j

  • MD5

    4b031cf99a7e85caf64b182ac5e6fb11

  • SHA1

    aadb62600e6f8d8f41e5252d572ea8743b0405d1

  • SHA256

    fbebdf40d44f38814dbfa6e613817a2fe244fac4fc35674a69e4a6385508f18e

  • SHA512

    4f6e100b65509e82029349261e041c72186712c00450c92b46147e46b0973417849b4842b7c4e3ab143ea5ef160b925ce70ba81ce956ae4a9167371c0dae0b77

Score
10/10

Targets

    • Contains code to disable Windows Defender

      A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

    • Suspicious use of SetThreadContext
