General

  • Target

    6093970b499752c875900d3401fdb9fa569f5e2c06a31dd7ac322924da1002c7

  • Size

    260KB

  • Sample

    240402-1qxzdsee8t

  • MD5

    21490047898da75886bb29653742a4d0

  • SHA1

    065051a8470d7eb8f2014002e70527d1e8135db5

  • SHA256

    6093970b499752c875900d3401fdb9fa569f5e2c06a31dd7ac322924da1002c7

  • SHA512

    db18ba3a3b16406342bf775d90a7ca2f404e9289fa2025ecd6134b1c96c99d3286ffabe2193dde094c0f80d723c7efbedf98aa037efd81eb68dd50c06cb29cf7

  • SSDEEP

    3072:+kZynGHvGYx5TVl0WyHb1DpkgB4DxRlfGMqSvi7kcU5HRc1qwlekc3j5gno:/35TVlLIxpkZXfGMXUkcU5HR+leLmo

Targets

    • Target

      6093970b499752c875900d3401fdb9fa569f5e2c06a31dd7ac322924da1002c7

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Modifies Windows Defender Real-time Protection settings

    • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features

    • Windows security modification
