General
-
Target
713a19e067ce91ddf45952c049a8d835565692cf18461e248ed6c2c5ad6f1aa3N.exe
-
Size
679KB
-
Sample
241111-qahjnazdpe
-
MD5
9bd02adc9994019bf85b9b1cb38b7453
-
SHA1
2f0e8b8d73537558dd55f159402ee084705b1905
-
SHA256
bbaf0740f94f2373adab301820629fd3f928310947fbf9fb8a14def1d47a566d
-
SHA512
674f6ef4216e39f59dacfdb0a962b6050c7216841732adbdb4df089438d6679abc78e81844ce87ca758fdd55c9d1819751a908db2492eb3ae6e96c52aafa011c
-
SSDEEP
12288:ly90smrpSmIwi/42zKWtTK3AFDvDYWY8eHjhdU3p5U4/WwpXM5j0:ly2rzidtP1EsW0vA0
Static task
static1
Malware Config
Targets
-
-
Target
713a19e067ce91ddf45952c049a8d835565692cf18461e248ed6c2c5ad6f1aa3N.exe
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
  Create or Modify System Process: 1
    Windows Service: 1
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
  Create or Modify System Process: 1
    Windows Service: 1