General
-
Target
cd169454ce2b1a9455551326011c76deff2603c140ec260ad08df9ad88c0256d
-
Size
877KB
-
Sample
231003-elyt8saa34
-
MD5
35478a96437c153f21db32aeb951e3ed
-
SHA1
410214b7362e2c5dc2be29dea3c6a7a8ad2f4eee
-
SHA256
cd169454ce2b1a9455551326011c76deff2603c140ec260ad08df9ad88c0256d
-
SHA512
42c7ee6268d7db086a67f2df0c947f8d250f89dee19a531e831dcbff99537ccbc1dd5826b54939697dc7fc96a036381596004212c4391f4806b371a22b83816a
-
SSDEEP
12288:ZMrty90IWDvyEjc0Q5VCEKj5b4GhnoizhES+Q+Algb5LxqmZqgkOVPV67n/HOKjX:EyIWEjbgoEKj5NhogcAALPtg/OKjd+O
Static task
static1
Behavioral task
behavioral1
Sample
cd169454ce2b1a9455551326011c76deff2603c140ec260ad08df9ad88c0256d.exe
Resource
win10-20230915-en
Malware Config
Targets
Score
10/10
-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)