General

  • Target

    ad58f319d43fb00b4d6779ec9ead79ed47bcfce58abdd98c1b9eb665457261c9

  • Size

    322KB

  • Sample

    241110-b2zvpaxalg

  • MD5

    534ad9640750abab18082ff78a46853a

  • SHA1

    3f4cd16c69ab5407118e8a300b8229f708d35e38

  • SHA256

    ad58f319d43fb00b4d6779ec9ead79ed47bcfce58abdd98c1b9eb665457261c9

  • SHA512

    68430bb9c53738ea57ef563e101af9a6ab7fb355156b5a5f2418d45e62daeec81b84ad6322e6b7b18a912d955d8edbf4bb190c4bedf8e5f4506b12592bab79b4

  • SSDEEP

    6144:KTy+bnr+2p0yN90QEIDc5kio5HeUhVquy3L+vWnNH:VMrey90b5yZe/usL+vWnN

Targets

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
