Overview

overview

10

Static

static

1

392febb1bc...82.exe

windows7-x64

10

392febb1bc...82.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    392febb1bcb51ffd4a9019f2aa7fba82.exe

  • Size

    530KB

  • Sample

    230712-hnmrjadc7v

  • MD5

    392febb1bcb51ffd4a9019f2aa7fba82

  • SHA1

    e9ad51d6043f0ccc93829e084f3e9440d6317a38

  • SHA256

    b1f4801cf9033987a2e212ce20fa18963f4778e116d7f3ca0612991aa7f7e3b1

  • SHA512

    604f67d12926fd55413908b4c0524321001c29ee7bd700bef49e2dbb78ffcc072621fb57310b256a9cd83df9d4133c2313c35fd8fa6344b71bc781b51e9b454d

  • SSDEEP

    12288:FiICSVtg0wBW3iFt4ONq30/4St2NBd0JoLdaoi9Bbk:FBbVTb34k30/8dRi9

Score
10/10
healerdropperevasiontrojan

Malware Config

Targets

    • Target

      392febb1bcb51ffd4a9019f2aa7fba82.exe

    • Size

      530KB

    • MD5

      392febb1bcb51ffd4a9019f2aa7fba82

    • SHA1

      e9ad51d6043f0ccc93829e084f3e9440d6317a38

    • SHA256

      b1f4801cf9033987a2e212ce20fa18963f4778e116d7f3ca0612991aa7f7e3b1

    • SHA512

      604f67d12926fd55413908b4c0524321001c29ee7bd700bef49e2dbb78ffcc072621fb57310b256a9cd83df9d4133c2313c35fd8fa6344b71bc781b51e9b454d

    • SSDEEP

      12288:FiICSVtg0wBW3iFt4ONq30/4St2NBd0JoLdaoi9Bbk:FBbVTb34k30/8dRi9

    Score
    10/10
    healerdropperevasiontrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Windows security modification

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Disabling Security Tools

2
T1089

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks