General
-
Target
48eb3ec3e2861155e7452daa59c6b022f15c3927bcd482fe15b0827460e58c6c
-
Size
1.4MB
-
Sample
231003-p7wl4sag61
-
MD5
8e4953b029a067606b849f9ee0c4b84a
-
SHA1
d436270f3c48dbaff65b1b457151b54ea16e2139
-
SHA256
48eb3ec3e2861155e7452daa59c6b022f15c3927bcd482fe15b0827460e58c6c
-
SHA512
dcfbcca7294d956f95dc005d865c01c41759661499381d3f941b62f6af3e4cd612879dee7d7255f69169baceda052b1f1b8a8eaf99cb3ff89d46ed00c519fb94
-
SSDEEP
24576:KyWIlnP1wm8LGHLxaZqoelH8det2gh4t4oeprHSY6MN6EexrIyLiizypi/XmGVv:RWaIoE8Xlcd82git4oWjBNN7IIoypifJ
Static task
static1
Behavioral task
behavioral1
Sample
48eb3ec3e2861155e7452daa59c6b022f15c3927bcd482fe15b0827460e58c6c.exe
Resource
win10-20230915-en
Malware Config
Targets
Target
48eb3ec3e2861155e7452daa59c6b022f15c3927bcd482fe15b0827460e58c6c
-
Score
10/10
-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)