General
-
Target
e35c7311dd3f58894753ae7bee76ef59c6ab5da98bedc6e45b894d17dbc25aff
-
Size
1.0MB
-
Sample
231003-a9swnshc42
-
MD5
3eedd8c2b83215c3ec112f7435885845
-
SHA1
3cb036d04d2ca463dda536173ec07e47d086e715
-
SHA256
e35c7311dd3f58894753ae7bee76ef59c6ab5da98bedc6e45b894d17dbc25aff
-
SHA512
2c5d6c6109ea8c99f6831fed8e08cb1205da366e1ef4f3b6cec33f077bbe9cc10b134c3aa0db10f12944b19314dbe54d2a570c9524eb49217448c281973fd924
-
SSDEEP
24576:6yOG4QuWAGfWjZQiYBm6GtwDm07WeGJA13lu2BeApmXzm:BjNuWqjZ14+wi0rGJA13oOfpmj
Static task
static1
Behavioral task
behavioral1
Sample
e35c7311dd3f58894753ae7bee76ef59c6ab5da98bedc6e45b894d17dbc25aff.exe
Resource
win10-20230915-en
Malware Config
Targets
-
-
Target
e35c7311dd3f58894753ae7bee76ef59c6ab5da98bedc6e45b894d17dbc25aff
-
Size
1.0MB
-
MD5
3eedd8c2b83215c3ec112f7435885845
-
SHA1
3cb036d04d2ca463dda536173ec07e47d086e715
-
SHA256
e35c7311dd3f58894753ae7bee76ef59c6ab5da98bedc6e45b894d17dbc25aff
-
SHA512
2c5d6c6109ea8c99f6831fed8e08cb1205da366e1ef4f3b6cec33f077bbe9cc10b134c3aa0db10f12944b19314dbe54d2a570c9524eb49217448c281973fd924
-
SSDEEP
24576:6yOG4QuWAGfWjZQiYBm6GtwDm07WeGJA13lu2BeApmXzm:BjNuWqjZ14+wi0rGJA13oOfpmj
Score10/10-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1