General

  • Target

    37dd6fe30ecd67cfc661fa3581ea9388f5a87a16022227bd3a62a6bcb829ffb1

  • Size

    391KB

  • Sample

    240424-sdvphaca52

  • MD5

    0a84386b85b39b57e8da53f7b5db5a37

  • SHA1

    c99c7c6739f611afa1ca9ebe723ea0b145075bac

  • SHA256

    37dd6fe30ecd67cfc661fa3581ea9388f5a87a16022227bd3a62a6bcb829ffb1

  • SHA512

    3d137be1532fdfd6edce769f5c0b7c9d32aedad3ff944bca8a6f23e354962079f4889ed50d520350b2856a2e71199b4e3cab3a3ed5fa4cf4d83fba02039ee314

  • SSDEEP

    6144:A+ISz1iadJyThR1deYrPvhIZc6c0kp5OogMqa97/QQa:Aw5rdmh3kYj5IvKp5JgMT8Qa

Targets

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Modifies Windows Defender Real-time Protection settings

    • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features

    • Windows security modification
