General
-
Target
SecuriteInfo.com.Trojan.MulDrop11.26182.3488.5151
-
Size
531KB
-
Sample
200801-1jqxkqks8j
-
MD5
4b031cf99a7e85caf64b182ac5e6fb11
-
SHA1
aadb62600e6f8d8f41e5252d572ea8743b0405d1
-
SHA256
fbebdf40d44f38814dbfa6e613817a2fe244fac4fc35674a69e4a6385508f18e
-
SHA512
4f6e100b65509e82029349261e041c72186712c00450c92b46147e46b0973417849b4842b7c4e3ab143ea5ef160b925ce70ba81ce956ae4a9167371c0dae0b77
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.MulDrop11.26182.3488.5151.exe
Resource
win7
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.MulDrop11.26182.3488.5151.exe
Resource
win10
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Trojan.MulDrop11.26182.3488.5151
-
Score
10/10
-
Contains code to disable Windows Defender
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
Suspicious use of SetThreadContext
-