General

  • Target

    ea8495c7321dbad7107b7fbc3cb4e87664a754903b077bb8d376c1e51925fc58

  • Size

    358KB

  • Sample

    241110-ejkvlaymes

  • MD5

    e652747f680b83df9d55a54202c41ba9

  • SHA1

    34c6532805b962a8146bdd6168d154a3f62c2f8a

  • SHA256

    ea8495c7321dbad7107b7fbc3cb4e87664a754903b077bb8d376c1e51925fc58

  • SHA512

    1cc8f19d67218ba26ca1f8edf8a7154532bc91861a18e0a45e59b7ab69434f2e0feb627c2fe2b22a796dbdb06a446cec509f7f4415617efc29759620d2087414

  • SSDEEP

    6144:KHy+bnr+2p0yN90QEP125P+MxZpT8OCPb3ARjP4HUhoi0TSZTRoIf9z0SNz8rQ:9Mr6y901125NxUOkbSRunIaIlz+M

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks