General

  • Target

    9f4663d174eb597978b776f5eaa313cc76568550a3f24e85cf279766393e6b73N.exe

  • Size

    414KB

  • Sample

    241113-j1er5ayakh

  • MD5

    3a3ea6bab34c82873b4b7890c04b5d20

  • SHA1

    f8ac261c8336c1c66245860bb22bddcedc20c0c1

  • SHA256

    9f4663d174eb597978b776f5eaa313cc76568550a3f24e85cf279766393e6b73

  • SHA512

    ca489535ac35d9a1426238b9dba2e1c20207f2a0ffbb7077852b2eb202a1473e25f9ad94ee5dc901a242293c6bd1fe61ad385a4800040c668e527e72f2d70632

  • SSDEEP

    6144:vgp0yN90QEjrt8fS7LT1iXm3PF9LYKo9f9smH4kO4vArockNHKRIg:5y90ZtLJPfAF5JRdKRIg

Targets

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
