General
-
Target
77b8f98b212a146fcd93814336672b1a3b0731e528135fe316c25dd1770d0416.exe
-
Size
717KB
-
Sample
241112-nmf59a1jex
-
MD5
1445c78f2643cafaec078076392e4a12
-
SHA1
025a42f7bccae8ec69fc8425f1fba7d413231c69
-
SHA256
77b8f98b212a146fcd93814336672b1a3b0731e528135fe316c25dd1770d0416
-
SHA512
767cc7e076cdc5a7471b428a49bd9f1597dccb210718f0bcf4eb6aa686e747cd04f7bab85435f3ed4f087e9becf1415bdff4d632a4824fca87f82531c1e2008a
-
SSDEEP
12288:sy90xmrpSmIwi/42zKWtTK3AFD987N9P3YwR7PTlqRpn4nvkHwlE+E2bgtlI5:syTrzidtPP8JJ3Ywlrlqr4Kw++PbgQ5
Static task
static1
Malware Config
Targets
-
-
Target
77b8f98b212a146fcd93814336672b1a3b0731e528135fe316c25dd1770d0416.exe
-
Size
717KB
-
MD5
1445c78f2643cafaec078076392e4a12
-
SHA1
025a42f7bccae8ec69fc8425f1fba7d413231c69
-
SHA256
77b8f98b212a146fcd93814336672b1a3b0731e528135fe316c25dd1770d0416
-
SHA512
767cc7e076cdc5a7471b428a49bd9f1597dccb210718f0bcf4eb6aa686e747cd04f7bab85435f3ed4f087e9becf1415bdff4d632a4824fca87f82531c1e2008a
-
SSDEEP
12288:sy90xmrpSmIwi/42zKWtTK3AFD987N9P3YwR7PTlqRpn4nvkHwlE+E2bgtlI5:syTrzidtPP8JJ3Ywlrlqr4Kw++PbgQ5
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1