General

  • Target

    79d37d9852499f0144dacd8ea0ad75a89d1fcf3c86b4481d4564f1bd27617d40N.exe

  • Size

    414KB

  • Sample

    241112-rpg24stkaw

  • MD5

    ce6c8a1111bd16790d5eed4f37fa6ca0

  • SHA1

    d9c7957bdb7441aa20ff7ba855f9fd1aa67cb0f1

  • SHA256

    79d37d9852499f0144dacd8ea0ad75a89d1fcf3c86b4481d4564f1bd27617d40

  • SHA512

    67781fe16fd22cc0dac07554ea2b067baf37cb9716c41e0edb046dc7e30fd5e56be241c2e7f5549fb24eefb029ca4f434b61279ef6c2e59f4004651c12ce4628

  • SSDEEP

    6144:awp0yN90QE4rt8fS7LT1iXm3PJO/Ko9f9smH4kO4vArockNBKLIp:Qy90OtLJPodF5JRzKLIp

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
