YARAhub
You are currently viewing the YARAhub entry of the YARA rule Tool_CombinedWindowsDefKiller. Depending on the TLP classification of this YARA rule chosen by the author, further information about this YARA rule is available below.
YARA Rule Details: Tool_CombinedWindowsDefKiller
| Rule name: | Tool_CombinedWindowsDefKiller |
|---|---|
| Author: | Nikos 'n0t' Totosis - @casperinous |
| Description: | An EDR/AV process/services killer component utilizing code from WinDefenderKiller open-source project. |
| Reference MD5: | a641a6184845dfbbb5f0fff2e3a059f2 |
| Likes: | 0 |
| Reference Link : | n/a |
| Malpedia Family : | n/a |
| Date added: | 2026-06-22 |
| Rule Matching TLP : | TLP:WHITE |
| Rule Sharing TLP : | TLP:RED |
| License : | https://creativecommons.org/licenses/by-nc/4.0/ |
| UUID: | 680bf510-7c33-48e0-9041-797b280e6fc5 |
| Static hits: | 1 |
| Unpacker hits: | 0 |
YARA Rule Content
The content of the YARA rule is shown below.
The author of this YARA rule has chosen to not share the YARA rule
YARA Rule Matches
The following table shows the most recent files matching this particular YARA rule.
| First seen (UTC) | SHA256 hash | Static matches | Unpacker matches |
|---|