General

  • Target

    b8d80be864192726c0290dc3da4fed64bfeba842d3c69d59d016279679642134

  • Size

    176KB

  • Sample

    241110-chmlpawngv

  • MD5

    fbc2ec1866ca1aa447f617b386247001

  • SHA1

    5c1e03cb279ab6a713645779bbabf8e6a066ad65

  • SHA256

    b8d80be864192726c0290dc3da4fed64bfeba842d3c69d59d016279679642134

  • SHA512

    aef417003f3c5e8c3ff633102db766cff4a294c9560387c5e9a97875e4424b920b62c5813a9befc934cd4f97f7f6abd847729c8bc96c712faa08862782c4b778

  • SSDEEP

    3072:8DKW1LgppLRHMY0TBfJvjcTp5XEP1eNVETJ2K:8DKW1Lgbdl0TBBvjc/MT

Targets

    • Target

      b8d80be864192726c0290dc3da4fed64bfeba842d3c69d59d016279679642134

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Windows security modification
