General
Target
130e47b82560dca1740dd7aa4949540b9d7cd1f1cc6b4f3bfba9d109f75425ff
Size
877KB
Sample
231003-mbst8sbf73
MD5
f6f9288bd8453907fac8d027d4416fe7
SHA1
f4e27190564cebbba03505e71ecfb96b12f925d8
SHA256
130e47b82560dca1740dd7aa4949540b9d7cd1f1cc6b4f3bfba9d109f75425ff
SHA512
9d4492a04c7170852706b43b81cc88c1e0f3d38e91899cb12870bbf543edcb86d1a31896e47cc5ef055b144df1c957438b951dd22eb83515029b93937ea891b9
SSDEEP
12288:LMr0y90q0BId7pmR36IyeeudyqvPfaaZlCI4GL2/M8onN7Goyd6e2k2IgEVYubZI:3y9Y31cgLlCBGL2/5EG1se2YYubZI
Static task
static1
Behavioral task
behavioral1
Sample
130e47b82560dca1740dd7aa4949540b9d7cd1f1cc6b4f3bfba9d109f75425ff.exe
Resource
win10-20230915-en
Malware Config
Targets
Score 10/10
Detects Healer, an antivirus disabler dropper
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)