General
-
Target
9ecac4384961bfeb3ad88d6295d70429a17f438b14d11f2488ede67b5a225e45
-
Size
1.0MB
-
Sample
231003-b5lr8sfe9z
-
MD5
a55a76da3ad3d5a5d5cbb04f7fdd2d13
-
SHA1
6fbda92018d756035063c12693bf92b402f32733
-
SHA256
9ecac4384961bfeb3ad88d6295d70429a17f438b14d11f2488ede67b5a225e45
-
SHA512
7abd7399358c7c654f125a40fe14c7ae89c9de00c7b1e308f91fb6a27492d1c0af5432f2e5799cf258eff4094d393d253c612f0ddeff8be1983a1380f60de3fe
-
SSDEEP
24576:VyYLqRF92eA3T+hz9Z3AluA4d9lOYU9nGczhUDuUwSfsFPY:wuq792HA9ZQD4MxSUFP
Static task
static1
Behavioral task
behavioral1
Sample
9ecac4384961bfeb3ad88d6295d70429a17f438b14d11f2488ede67b5a225e45.exe
Resource
win10-20230915-en
Malware Config
Targets
Target
9ecac4384961bfeb3ad88d6295d70429a17f438b14d11f2488ede67b5a225e45
Score 10/10
-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)