Overview

overview

10

Static

static

3

9ee25c5695...74.exe

windows7-x64

10

9ee25c5695...74.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9ee25c56957e625c81863485b5e434e8410c14e1209f9670c2d6c3aa8ddbdf74

  • Size

    391KB

  • Sample

    240424-xwkpgaff3y

  • MD5

    2a33568c325229dc55872308699ea12c

  • SHA1

    bba016a46e133c91a2b3bdca0f9987563e8409b5

  • SHA256

    9ee25c56957e625c81863485b5e434e8410c14e1209f9670c2d6c3aa8ddbdf74

  • SHA512

    bf508bf82e08d4235dc6370f34dfea413a0f3715a173abb4f4f772d13c111ab3a476ad9488c9282cd652e4a7e4113d6a38c45c15f3c3beac0c32e6ca46de8752

  • SSDEEP

    6144:o+ISz1iadJyThR1deYrPvhIZc6c0kp5OogMqa97/QQa:ow5rdmh3kYj5IvKp5JgMT8Qa

Score
10/10
healerdropperevasiontrojan

Malware Config

Targets

    • Target

      9ee25c56957e625c81863485b5e434e8410c14e1209f9670c2d6c3aa8ddbdf74

    • Size

      391KB

    • MD5

      2a33568c325229dc55872308699ea12c

    • SHA1

      bba016a46e133c91a2b3bdca0f9987563e8409b5

    • SHA256

      9ee25c56957e625c81863485b5e434e8410c14e1209f9670c2d6c3aa8ddbdf74

    • SHA512

      bf508bf82e08d4235dc6370f34dfea413a0f3715a173abb4f4f772d13c111ab3a476ad9488c9282cd652e4a7e4113d6a38c45c15f3c3beac0c32e6ca46de8752

    • SSDEEP

      6144:o+ISz1iadJyThR1deYrPvhIZc6c0kp5OogMqa97/QQa:ow5rdmh3kYj5IvKp5JgMT8Qa

    Score
    10/10
    healerdropperevasiontrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features

    • Windows security modification

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks