General

  • Target

    a7ebada9a5ecc2c54db4d93d0ab8d4f65e835ac82e8920b198d49aa037b97d2c

  • Size

    407KB

  • Sample

    241110-btlm4awfkn

  • MD5

    43fff5b40ab6f015344ddacd979e3fe9

  • SHA1

    f536d7129771ebd126a56587019ba9315b316ad3

  • SHA256

    a7ebada9a5ecc2c54db4d93d0ab8d4f65e835ac82e8920b198d49aa037b97d2c

  • SHA512

    29c333b00a5092557f36cb22c68015f07a0399249819bbc3ec57b146225ddf42ab2786c3428bfbaf1b45dee7f8009c5a456ce782ed5d36017bc43721abad02b3

  • SSDEEP

    6144:CZp0yN90QEQdlqnRgZqLt4s10ClW6VPO37uKnPkaaAYOCYAp:Vy902XyKZqLtd10CA6Vm379dzCD

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks