General

  • Target

    06e5e56781574a430a78ffbce493185618ff9686389a0eb970762bc3d7491586.exe

  • Size

    335KB

  • Sample

    241112-q8t1catgpd

  • MD5

    1e0a7205cec8d2b8f4d0d4f62d0d619c

  • SHA1

    c655dee910792e777ad4d30dd11c89a919cce966

  • SHA256

    06e5e56781574a430a78ffbce493185618ff9686389a0eb970762bc3d7491586

  • SHA512

    585d47f9b9ddaf3fad8acbdf825f98849c2bf3187102d275c5cc4cd031d1d26a1b886e67c7506cee5942f2b9ee30cd1e66459a8d3c356accf17f57871ec04646

  • SSDEEP

    6144:Kyy+bnr+vp0yN90QEXM2Lge6EO0YhZn1sRaFduR4bHNZil4rrN1XV:GMrXy90tM2ChZ1We8mSlYrNFV

Malware Config

Targets

    • Target

      06e5e56781574a430a78ffbce493185618ff9686389a0eb970762bc3d7491586.exe

    • Size

      335KB

    • MD5

      1e0a7205cec8d2b8f4d0d4f62d0d619c

    • SHA1

      c655dee910792e777ad4d30dd11c89a919cce966

    • SHA256

      06e5e56781574a430a78ffbce493185618ff9686389a0eb970762bc3d7491586

    • SHA512

      585d47f9b9ddaf3fad8acbdf825f98849c2bf3187102d275c5cc4cd031d1d26a1b886e67c7506cee5942f2b9ee30cd1e66459a8d3c356accf17f57871ec04646

    • SSDEEP

      6144:Kyy+bnr+vp0yN90QEXM2Lge6EO0YhZn1sRaFduR4bHNZil4rrN1XV:GMrXy90tM2ChZ1We8mSlYrNFV

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks