MalwareBazaar Database
This page shows some basic information the YARA rule HKTL_NET_GUID_Disable_Windows_Defender including corresponding malware samples.
Database Entry
| YARA Rule: | HKTL_NET_GUID_Disable_Windows_Defender |
|---|---|
| Author: | Arnim Rupp |
| Description: | Detects c# red/black-team tools via typelibguid |
| Firstseen: | 2021-06-04 07:19:54 UTC |
| Lastseen: | 2022-08-31 18:31:43 UTC |
| Sightings: | 14 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|