General

  • Target

    5cd7cd9696592623bbeacbf78d3cf1669bcb587a49e0438f65c794fcfffa6f0eN

  • Size

    405KB

  • Sample

    241109-x429gszla1

  • MD5

    7c2ef263cc213381bed4e61c123f81e0

  • SHA1

    14724e684c28e2b09ea1c7ee6ffca408aa91066b

  • SHA256

    5cd7cd9696592623bbeacbf78d3cf1669bcb587a49e0438f65c794fcfffa6f0e

  • SHA512

    9aa2693ff144d8543a35a871d1bdaa596f0af60ef35921954fe9574f0ffff36bd47a2c3dc7ea87360a5ff7d23b2b00abfbec698e771c7c90c51b6fa2346c6c1a

  • SSDEEP

    6144:sgp0yN90QEblqnRgZqLtNs1gvwZm8yFwiqliBa+WytZuVPrO:Gy90HyKZqLte12wew/i0egTO

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks