General
-
Target
5b6a40f4dc63118dd2e9a9a1d681a651c74affea210e0825be0284bf66257dde
-
Size
877KB
-
Sample
231003-mtbnnsaa2z
-
MD5
e1fd0136de0b795489f206fd835f9b0c
-
SHA1
4babbf14ffe7352b62f0b6422ff34eea5ab596e1
-
SHA256
5b6a40f4dc63118dd2e9a9a1d681a651c74affea210e0825be0284bf66257dde
-
SHA512
ab09cdb1b1a6cd757184ca21d131a74033b5d483ced48a02678b159cc90de14fd3d85d8f3093c50358db02e0cc56c4fd50e9c6ac57e21cb08b407e2acf7c1356
-
SSDEEP
24576:QyHqDWYzq0LOqTSWvgis7/aE8IGshLG/G4VC:XKDWYzq0LvTSWvgj/aE8IRhCe4
Static task
static1
Behavioral task
behavioral1
Sample
5b6a40f4dc63118dd2e9a9a1d681a651c74affea210e0825be0284bf66257dde.exe
Resource
win10-20230915-en
Malware Config
Targets
-
-
Target
5b6a40f4dc63118dd2e9a9a1d681a651c74affea210e0825be0284bf66257dde
-
Size
877KB
-
MD5
e1fd0136de0b795489f206fd835f9b0c
-
SHA1
4babbf14ffe7352b62f0b6422ff34eea5ab596e1
-
SHA256
5b6a40f4dc63118dd2e9a9a1d681a651c74affea210e0825be0284bf66257dde
-
SHA512
ab09cdb1b1a6cd757184ca21d131a74033b5d483ced48a02678b159cc90de14fd3d85d8f3093c50358db02e0cc56c4fd50e9c6ac57e21cb08b407e2acf7c1356
-
SSDEEP
24576:QyHqDWYzq0LOqTSWvgis7/aE8IGshLG/G4VC:XKDWYzq0LvTSWvgj/aE8IRhCe4
Score10/10-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1