General
Target: a1d6be93ea1f7051e19504af5388665ecf5862be51cdb1df4895ab196defbf74
Size: 1.1MB
Sample: 230929-yq6kesed9s
MD5: 1ff470ae4b3f8ee1d4b2d7f65932a039
SHA1: c4b0207ad5f5f7eaa48fe613f2b246d4cb405cb0
SHA256: a1d6be93ea1f7051e19504af5388665ecf5862be51cdb1df4895ab196defbf74
SHA512: cb167a7cebb137e21ff67f6d902971630ad11a1e2ec983285284f9b86fa291d5661c43378f31902e8c5d4802c95f59cf6836f261f875c3a32768fbee7f526c5a
SSDEEP: 24576:zydja0Du8udg9EXNFsrHKrXN4A044gP+eu:GVAg9EdaGr9EngP+e
Static task: static1
Behavioral task: behavioral1
Sample: a1d6be93ea1f7051e19504af5388665ecf5862be51cdb1df4895ab196defbf74.exe
Resource: win10-20230915-en
Malware Config
Targets
Target: a1d6be93ea1f7051e19504af5388665ecf5862be51cdb1df4895ab196defbf74
Size: 1.1MB
(MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Score: 10/10
- Detects Healer, an antivirus disabler dropper
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
- Windows Service (1)