General

  • Target

    bb234cb7c9ffa7796e9dbad49bac294c0d9802dc80cb762429f9393940b65d4f

  • Size

    321KB

  • Sample

    241110-clgvlswpdy

  • MD5

    f6283e756b5fb20de9554c3a95dfcf5d

  • SHA1

    5aa2f482d97973d7fc7a8c64508d47feeb350b1b

  • SHA256

    bb234cb7c9ffa7796e9dbad49bac294c0d9802dc80cb762429f9393940b65d4f

  • SHA512

    06381a24aac2a1671a30f0012f01a45e367672b65c43315e0396323a542fc613576fe046d01accac08767ed78deba477ed1b6f9ed65cfa8d9fa570f26ad33c99

  • SSDEEP

    6144:K4y+bnr+Op0yN90QEHbuhwsfnUJzfkOPENbv6eP9lW//:cMray908hxnabYv6gXm

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks