General
-
Target
3d65f306464b18f0edab99eb31fef7f217959a68b6bcdf3a5c95e6a349a4f45f
-
Size
1.4MB
-
Sample
231003-pzb8haag4w
-
MD5
c5c123aa5f206bd2f21a2c82da6ee395
-
SHA1
d1963264120d7531c81efc0663d9617959b1476a
-
SHA256
3d65f306464b18f0edab99eb31fef7f217959a68b6bcdf3a5c95e6a349a4f45f
-
SHA512
87088c687deabe3c2869d53bd45215808937751346b02478d7ae66ee9f2458ca5a72023c9ce6180f347cabed2d8b2f329f64695a8ec295c35e616f3af5e08b7d
-
SSDEEP
24576:YytCGqDUhYUr2D/wDQkQAQla3AUgKc2G+xiS/gUVthXppTtxu2/vK8pxPwTr:ftCXDUPY/CQkQAQAAUgKnG+UwgUVtVXe
Static task
static1
Behavioral task
behavioral1
Sample
3d65f306464b18f0edab99eb31fef7f217959a68b6bcdf3a5c95e6a349a4f45f.exe
Resource
win10-20230915-en
Malware Config
Targets
-
-
Target
3d65f306464b18f0edab99eb31fef7f217959a68b6bcdf3a5c95e6a349a4f45f
Score
10/10
-
Detects Healer, an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1