General

  • Target

    a5438b58449830f16f6af05441973d11f737e3581b7dc52265b4e2d753b42e17

  • Size

    414KB

  • Sample

    241113-kp4sjs1rgp

  • MD5

    c9d7c3a435f7fcdfa671a167413b24f0

  • SHA1

    1f1627aae5112105064c0800dc3364149b658d6e

  • SHA256

    a5438b58449830f16f6af05441973d11f737e3581b7dc52265b4e2d753b42e17

  • SHA512

    a82fac12253096b75371937012f6a59bd5632ebc1e5029af211ad5cd66461968999783a75e2f4a1adcb5bd8d791844090415ec7278ab3cc1858ef4dfa514521c

  • SSDEEP

    6144:lpp0yN90QE8rt8fS7LT1iXm3Pv0uD5nRjF0njvJfxspyajDatLhDSy:Cy90qtLJPHtVF0n3q9jDatLh3

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer is an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15