General
-
Target
db0562700c994c7ef47aa9a3c85c4fabd1ebe4262970d08b88076713e48325b1
-
Size
1.4MB
-
Sample
231003-p67b8acf64
-
MD5
b5b823550aac039fd2ec8e43fea4b34c
-
SHA1
aeea25bcfc1d0b15cd2d5a537c29ff0b328a42a7
-
SHA256
db0562700c994c7ef47aa9a3c85c4fabd1ebe4262970d08b88076713e48325b1
-
SHA512
415ffd28b5720c8df959eed648df6f85fe72df11b3900a9fae7b285c96d801bbf86223d31b92f95ff0261b5692835f2f70ff90794fcbb2ad759be99196346f3b
-
SSDEEP
24576:pyYwNB9GQ3oSPg47DS8seArQ1Xj95dXqL4J8t+pAA4t5RI9b6d0e1:cYwNBkMxPUHeAm5dXqLy8thVQb6d
Static task
static1
Behavioral task
behavioral1
Sample
db0562700c994c7ef47aa9a3c85c4fabd1ebe4262970d08b88076713e48325b1.exe
Resource
win10-20230915-en
Malware Config
Targets
-
-
Target
db0562700c994c7ef47aa9a3c85c4fabd1ebe4262970d08b88076713e48325b1
Score
10/10
-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1