Overview

overview

10

Static

static

3

cac39c240d...0a.exe

windows7-x64

10

cac39c240d...0a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cac39c240d4505de246ff2ed9ababc80452585ad6cffd5e6a4382cf151660b0a

  • Size

    403KB

  • Sample

    240422-dtmw9seg88

  • MD5

    9de470c870a05277fefe0352b8b4907a

  • SHA1

    4370f97cb5316d5c09dc9169c820022b137e05cc

  • SHA256

    cac39c240d4505de246ff2ed9ababc80452585ad6cffd5e6a4382cf151660b0a

  • SHA512

    c4e2c4e84c989719e9edb3be3ae2ef2d6c51cf821a42e61ad7ffb60cf87c2c40abca84a24621a6f856f13269bcc21e2b4396b1167e11a60615429343b8fb7183

  • SSDEEP

    6144:d7w/PZV2ercTNwDTnfXbnPymRg85RuP6uKGdgXWdVXnKZIv:d7iZEeSNaTnPzPs85RGndVXKKv

Score
10/10
healerdropperevasiontrojan

Malware Config

Targets

    • Target

      cac39c240d4505de246ff2ed9ababc80452585ad6cffd5e6a4382cf151660b0a

    • Size

      403KB

    • MD5

      9de470c870a05277fefe0352b8b4907a

    • SHA1

      4370f97cb5316d5c09dc9169c820022b137e05cc

    • SHA256

      cac39c240d4505de246ff2ed9ababc80452585ad6cffd5e6a4382cf151660b0a

    • SHA512

      c4e2c4e84c989719e9edb3be3ae2ef2d6c51cf821a42e61ad7ffb60cf87c2c40abca84a24621a6f856f13269bcc21e2b4396b1167e11a60615429343b8fb7183

    • SSDEEP

      6144:d7w/PZV2ercTNwDTnfXbnPymRg85RuP6uKGdgXWdVXnKZIv:d7iZEeSNaTnPzPs85RGndVXKKv

    Score
    10/10
    healerdropperevasiontrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features

    • Windows security modification

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks