Overview

overview

10

Static

static

7

082abd50bc...72.exe

windows10-2004-x64

10

0a70b4612b...f6.exe

windows10-2004-x64

10

136b546d35...01.exe

windows10-2004-x64

10

1ec8ce9ace...96.exe

windows10-2004-x64

10

28e73a1086...9a.exe

windows7-x64

7

28e73a1086...9a.exe

windows10-2004-x64

7

3a5fd7dfde...92.exe

windows10-2004-x64

10

56dbfb10e0...5d.exe

windows10-2004-x64

10

5f7c9e83d8...c5.exe

windows7-x64

3

5f7c9e83d8...c5.exe

windows10-2004-x64

10

660944c2e2...12.exe

windows10-2004-x64

10

6b061fa476...e8.exe

windows10-2004-x64

10

795a49ee81...4a.exe

windows10-2004-x64

7d1f6eeb31...ef.exe

windows10-2004-x64

10

80f298c436...94.exe

windows10-2004-x64

10

85555569bb...4d.exe

windows10-2004-x64

10

bd2cad4003...26.exe

windows10-2004-x64

10

c429566ed4...39.exe

windows10-2004-x64

10

c47b15f967...7d.exe

windows10-2004-x64

10

ce9f75c073...16.exe

windows10-2004-x64

10

cfdc6cd562...d3.exe

windows10-2004-x64

10

eb81f341bc...da.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    0s
  • max time network
    18s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-05-2024 13:07

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Machine shutdown
Report Analysis Logs

General

  • Target

    795a49ee81e6eb25d2140b564c0aa63d165592e4d3b7bb4c29423c619b51334a.exe

  • Size

    390KB

  • MD5

    2b5197c2b3a9c14d7cb949b809a27863

  • SHA1

    e78dac9c729de8b6e9064b3bb2043401063ed616

  • SHA256

    795a49ee81e6eb25d2140b564c0aa63d165592e4d3b7bb4c29423c619b51334a

  • SHA512

    622de70b8d20486c805cf25e5b32bc9351a28c4feca5fcde29c279761444450ca57f74a3b737a09eecf689fa909a1f89d729b528758f9a7a237dfe2511b80bbc

  • SSDEEP

    6144:KXy+bnr+Op0yN90QEymQY+TOYTc28XYmEhrORHTqij+jmMrLWJeXsuIGpt:BMr6y90r1+TOSp8oNhCqij+pzXs5Mt

Score
10/10
healerdropper

Malware Config

Signatures

  • Detects Healer an antivirus disabler dropper 2 IoCs
  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

Processes

  • C:\Users\Admin\AppData\Local\Temp\795a49ee81e6eb25d2140b564c0aa63d165592e4d3b7bb4c29423c619b51334a.exe
    "C:\Users\Admin\AppData\Local\Temp\795a49ee81e6eb25d2140b564c0aa63d165592e4d3b7bb4c29423c619b51334a.exe"
    1⤵
      PID:464
      • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\y0932119.exe
        C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\y0932119.exe
        2⤵
          PID:920
          • C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\k8761760.exe
            C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\k8761760.exe
            3⤵
              PID:4636

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\y0932119.exe
          Filesize

          234KB

          MD5

          edc556bd751be4c21331a62f7cdb4a85

          SHA1

          a7f116072ee2b0a502ee9b5b3ad2069bfa760291

          SHA256

          bb05c8d756e41cb57119eb061d6fe683f561205cb9729a24b65c604dd286a50d

          SHA512

          c91080a951f2d3b89f4aac3073395ed139a692fb3b962ffda3e221bb36e55986ea7c47037d0e78ba11ae58082907dd9a452305454c953ce867f30113bcc45da1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\k8761760.exe
          Filesize

          11KB

          MD5

          7e93bacbbc33e6652e147e7fe07572a0

          SHA1

          421a7167da01c8da4dc4d5234ca3dd84e319e762

          SHA256

          850cd190aaeebcf1505674d97f51756f325e650320eaf76785d954223a9bee38

          SHA512

          250169d7b6fcebff400be89edae8340f14130ced70c340ba9da9f225f62b52b35f6645bfb510962efb866f988688cb42392561d3e6b72194bc89d310ea43aa91

          Download Submit

        • memory/4636-15-0x00007FFA49883000-0x00007FFA49885000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4636-14-0x0000000000E50000-0x0000000000E5A000-memory.dmp

          Filesize

          40KB

          Download