General
-
Target
1796479f0330ae4f9001463e7bf80b9b5f0b4593152af84f73df02bab6371cbe
-
Size
705KB
-
Sample
230922-3clejscg65
-
MD5
03385175a929d005854699bb80be1d9e
-
SHA1
b908713483094d6e1a085522688564d04f95ef34
-
SHA256
1796479f0330ae4f9001463e7bf80b9b5f0b4593152af84f73df02bab6371cbe
-
SHA512
e0975997be6e0a3a09b9fe5f7ea9efa178fa8b29f60174cc69681424a8bcfdecccb5e0d66de0a9182c919d9aafc503384f111da94d292c12cf039d3a21daaa69
-
SSDEEP
12288:HMrNy90brITXe/Ecb23h0oE8Jr0epoTm680UWapmGUf/5cc:myaoe/J23jEsr0YoT/80/QDUfj
Malware Config
Targets
-
-
Target
1796479f0330ae4f9001463e7bf80b9b5f0b4593152af84f73df02bab6371cbe
-
Size
705KB
-
MD5
03385175a929d005854699bb80be1d9e
-
SHA1
b908713483094d6e1a085522688564d04f95ef34
-
SHA256
1796479f0330ae4f9001463e7bf80b9b5f0b4593152af84f73df02bab6371cbe
-
SHA512
e0975997be6e0a3a09b9fe5f7ea9efa178fa8b29f60174cc69681424a8bcfdecccb5e0d66de0a9182c919d9aafc503384f111da94d292c12cf039d3a21daaa69
-
SSDEEP
12288:HMrNy90brITXe/Ecb23h0oE8Jr0epoTm680UWapmGUf/5cc:myaoe/J23jEsr0YoT/80/QDUfj
Score10/10-
Detects Healer an antivirus disabler dropper
-
Healer
Healer an antivirus disabler dropper.
-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Windows security modification
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1