General
-
Target
8fb47b845f37620b508c9a11b7319b903636bbb755c97acc0a55014ad66c32bf
-
Size
877KB
-
Sample
231003-l641bahg4t
-
MD5
3fa49eb2eb1f499523f102c250336a87
-
SHA1
4baf838040e76c46b334c93acaab02efcd93c9b1
-
SHA256
8fb47b845f37620b508c9a11b7319b903636bbb755c97acc0a55014ad66c32bf
-
SHA512
25c2a3eeac555837b0b8ab47893f3bffd46c2b01e8f90981cf8c68f6c36275be6d2c458012d330393185a9a549b633e5807469298cb7698e2943ee760993c8ac
-
SSDEEP
12288:7Mrwy90U/RkR/aH3UGe6Gf8+siyL1iI25OQ3KlCi8SI7yjnbomgpcc63VP8jpbN/:HyhRkRG30AriyS5OQ3KCVsjnlg7osh/
Static task
static1
Behavioral task
behavioral1
Sample
8fb47b845f37620b508c9a11b7319b903636bbb755c97acc0a55014ad66c32bf.exe
Resource
win10-20230915-en
Malware Config
Targets
-
-
Target
8fb47b845f37620b508c9a11b7319b903636bbb755c97acc0a55014ad66c32bf
Score
10/10
-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1