General
-
Target
51d09f6a439e061c80d5f3f04129f77189683c24fbaa13dd556659db007c8bd9
-
Size
876KB
-
Sample
231003-d8ty5agb2x
-
MD5
27d012565a7414044cda7bf9e9dc0b41
-
SHA1
76d6be1182b641f7c5bec6ae0d61e6b8be6e66e2
-
SHA256
51d09f6a439e061c80d5f3f04129f77189683c24fbaa13dd556659db007c8bd9
-
SHA512
02024f885f7b9c9a909e72f5120c3052213068901127c499f97ecd60c76042045058b58176a6458b7a2b327196e19691b039b933b299e30fe64e9f97face4515
-
SSDEEP
12288:fMrQy90TRKP5mAeE8P0+D+hfuQl8pQdpnQC7pInt+UV8Dz5zsTsx4XIczpHCjg:PyoRKP5538c+ULsQdy0Jz5gNYccE
Static task
static1
Behavioral task
behavioral1
Sample
51d09f6a439e061c80d5f3f04129f77189683c24fbaa13dd556659db007c8bd9.exe
Resource
win10-20230915-en
Malware Config
Targets
-
-
Target
51d09f6a439e061c80d5f3f04129f77189683c24fbaa13dd556659db007c8bd9
-
Size
876KB
-
MD5
27d012565a7414044cda7bf9e9dc0b41
-
SHA1
76d6be1182b641f7c5bec6ae0d61e6b8be6e66e2
-
SHA256
51d09f6a439e061c80d5f3f04129f77189683c24fbaa13dd556659db007c8bd9
-
SHA512
02024f885f7b9c9a909e72f5120c3052213068901127c499f97ecd60c76042045058b58176a6458b7a2b327196e19691b039b933b299e30fe64e9f97face4515
-
SSDEEP
12288:fMrQy90TRKP5mAeE8P0+D+hfuQl8pQdpnQC7pInt+UV8Dz5zsTsx4XIczpHCjg:PyoRKP5538c+ULsQdy0Jz5gNYccE
Score10/10-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1