General

  • Target

    cac39c240d4505de246ff2ed9ababc80452585ad6cffd5e6a4382cf151660b0a

  • Size

    403KB

  • Sample

    240422-dtmw9seg88

  • MD5

    9de470c870a05277fefe0352b8b4907a

  • SHA1

    4370f97cb5316d5c09dc9169c820022b137e05cc

  • SHA256

    cac39c240d4505de246ff2ed9ababc80452585ad6cffd5e6a4382cf151660b0a

  • SHA512

    c4e2c4e84c989719e9edb3be3ae2ef2d6c51cf821a42e61ad7ffb60cf87c2c40abca84a24621a6f856f13269bcc21e2b4396b1167e11a60615429343b8fb7183

  • SSDEEP

    6144:d7w/PZV2ercTNwDTnfXbnPymRg85RuP6uKGdgXWdVXnKZIv:d7iZEeSNaTnPzPs85RGndVXKKv

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Modifies Windows Defender Real-time Protection settings

    • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features

    • Windows security modification
