General

  • Target

    e10d4095bdfa9a851ca01cdaf600b31b19dde7a0ee524d0150e1ef54d12ff844

  • Size

    414KB

  • Sample

    241110-d6agps1rhj

  • MD5

    b317f3e78fb3109f0888e7452f8d18e7

  • SHA1

    4a55dcebaa2f6f108d85e60c3d1633d7e2823a8f

  • SHA256

    e10d4095bdfa9a851ca01cdaf600b31b19dde7a0ee524d0150e1ef54d12ff844

  • SHA512

    c543ce9c0336381e4597928119050a2620fa356f7d62fb941f2aafc75afeae2bf733e169201b480b3a347c34d623fee6a64d2c77a638488a37c13ba436720cf5

  • SSDEEP

    6144:Typ0yN90QExrt8fS7LT1iXm3Pd+l5Ko9f9smH4kO4vArockNZKTIJ:Py90rtLJP2jF5JR/KTIJ

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
