General

  • Target

    2199b5e9be572887250bf0a41592b95b42035b2d059541e9c050cebfa7ed8bbd.exe

  • Size

    336KB

  • Sample

    241112-zn9dzazmhy

  • MD5

    efbe661f244bd7138a836c71b14899e9

  • SHA1

    8447e2f272a00b75468af87223056085ce21b8de

  • SHA256

    2199b5e9be572887250bf0a41592b95b42035b2d059541e9c050cebfa7ed8bbd

  • SHA512

    b4be73d9ce8dd19d2d58f3be227874eb939138aaf36c748f4c4d477a350d35dfdee676ad964a7bccda1afd931438e39ed47f1648b6525152ef4ddb78820c6ed3

  • SSDEEP

    6144:oOZDLXQJyYgjOhtr5FR45lhLA1TSFU0FuW7/KTSI:oOZDDQJyYgaV7453pueASI

Targets

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Windows security modification
