General

  • Target

    277a78fee8ddfdc365dd187a34ee827448563befdf94f9bd8bdbec76b6d24d23N

  • Size

    414KB

  • Sample

    241110-ch1hjszncm

  • MD5

    4e72f6d8a0629095ff69681713b84f00

  • SHA1

    807843901fc90e6512b295bbd9b5339710ed85da

  • SHA256

    277a78fee8ddfdc365dd187a34ee827448563befdf94f9bd8bdbec76b6d24d23

  • SHA512

    05645af3ae4e635820aeac4ecd9c25f100ce6be227c26df28b8bc7890d43d68bf7c122b38c2e8bc9c73f9fb6dacaad1ab998b9bf0e30625cdacb44fdcc7b46c4

  • SSDEEP

    6144:Vmp0yN90QEdrt8fS7LT1iXm3P3Ede/hv8zzNLrCVj9wLq5rDl:Zy90/tLJP8Cv8zzNLrCVj5d

Malware Config

Targets

    • Target

      277a78fee8ddfdc365dd187a34ee827448563befdf94f9bd8bdbec76b6d24d23N

    • Size

      414KB

    • MD5

      4e72f6d8a0629095ff69681713b84f00

    • SHA1

      807843901fc90e6512b295bbd9b5339710ed85da

    • SHA256

      277a78fee8ddfdc365dd187a34ee827448563befdf94f9bd8bdbec76b6d24d23

    • SHA512

      05645af3ae4e635820aeac4ecd9c25f100ce6be227c26df28b8bc7890d43d68bf7c122b38c2e8bc9c73f9fb6dacaad1ab998b9bf0e30625cdacb44fdcc7b46c4

    • SSDEEP

      6144:Vmp0yN90QEdrt8fS7LT1iXm3P3Ede/hv8zzNLrCVj9wLq5rDl:Zy90/tLJP8Cv8zzNLrCVj5d

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks