General

  • Target

    3ac2acda426463aaca9b037308372c3eeeece6e6f63251b6efccfd5f05b7a2a5

  • Size

    1.0MB

  • Sample

    231003-mwtbhaaa4z

  • MD5

    ea34fa5c464bd757b5daeab99341609f

  • SHA1

    47ee5db26823266bb0ee0322c74054d00bf96267

  • SHA256

    3ac2acda426463aaca9b037308372c3eeeece6e6f63251b6efccfd5f05b7a2a5

  • SHA512

    b5ecf3eeebf028f4ed7b226c869fbff69846e42ecf458ef2989b67bc6e6d5d4ba3eacbcfed259480fb4edf026bb8dcaa6b5373c6384c57da62bd656ccd04895b

  • SSDEEP

    24576:fy1xzfA6lhc5FrFZwSPqJY4/e0GZRi6I7nGYI:q1xzfA6lhAFnwEgYjIB

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks