General
-
Target
c80249aec86a353b41beb715dbc0c33e52d5f14f3f1194f76ac5bdd227709232
-
Size
876KB
-
Sample
231003-lts3aabe94
-
MD5
745b25406dfd501dd0a2b53e304b8fae
-
SHA1
aa7a56968aca370079c572cbfd90a2c90b757ac7
-
SHA256
c80249aec86a353b41beb715dbc0c33e52d5f14f3f1194f76ac5bdd227709232
-
SHA512
b90b6b625975944206f9ea06561d2af026712245852a803d449082d9ac8c8c153cab098ef7174ea000dcb09d02808f1cc6c072fabffaa9416f24e815e8ef3ac4
-
SSDEEP
24576:syBIQEiRHBgR9QpvkSCe/XscHitzyA0zJbT:bcijgRCvwe0cCtwlb
Static task
static1
Behavioral task
behavioral1
Sample
c80249aec86a353b41beb715dbc0c33e52d5f14f3f1194f76ac5bdd227709232.exe
Resource
win10-20230915-en
Malware Config
Targets
-
-
Target
c80249aec86a353b41beb715dbc0c33e52d5f14f3f1194f76ac5bdd227709232
-
Size
876KB
-
MD5
745b25406dfd501dd0a2b53e304b8fae
-
SHA1
aa7a56968aca370079c572cbfd90a2c90b757ac7
-
SHA256
c80249aec86a353b41beb715dbc0c33e52d5f14f3f1194f76ac5bdd227709232
-
SHA512
b90b6b625975944206f9ea06561d2af026712245852a803d449082d9ac8c8c153cab098ef7174ea000dcb09d02808f1cc6c072fabffaa9416f24e815e8ef3ac4
-
SSDEEP
24576:syBIQEiRHBgR9QpvkSCe/XscHitzyA0zJbT:bcijgRCvwe0cCtwlb
Score10/10-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1