General

  • Target

    d040c449b3ff480a9f6314a994bc606a1ec5ba5deccb73cfdcfb6fd990cf533dN

  • Size

    364KB

  • Sample

    241110-chewvaxcrd

  • MD5

    1b9e2ce07a9507b253fd23f84b669580

  • SHA1

    b8b9830b06786ec18170823fa285e49aa2696e82

  • SHA256

    d040c449b3ff480a9f6314a994bc606a1ec5ba5deccb73cfdcfb6fd990cf533d

  • SHA512

    95472470e67cf2954a67838aa958c21d34362ffed4e66b931c1f8fff68f91ac81a61e76955e2fa30fc9db52b65cd22a08cd0f9646850e052e1fa62b4a76ab928

  • SSDEEP

    6144:KHy+bnr++p0yN90QE43UlDy+U8ur8C29mup3EMvwLdyKADVIyZo5+0NNvHdPQCzP:VMrWy90fld+r8CxqEAwK9ZoY0HlQCB6Q

Targets

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
