General

  • Target

    05702e202b41e709e1b56f18541013b12e6c23c04888eca99a908b25ddcb55f3N.exe

  • Size

    331KB

  • Sample

    241113-v1chjswdrd

  • MD5

    bf7a156a4f543e5b591da81368ee6d40

  • SHA1

    4fa2240b1ccab13f7da184d1c59301673e58c801

  • SHA256

    05702e202b41e709e1b56f18541013b12e6c23c04888eca99a908b25ddcb55f3

  • SHA512

    41838cd02025ebb47de1ed7e30d200d6820d5a461659bb6e1ce17b068c5ab52f483da5191d27b966aaa7231d1c3b5a22a1ec3c9bfa522ab640fcf3a54a16aac1

  • SSDEEP

    6144:Kky+bnr+mp0yN90QEWdATDBudc+F+eiQoc4MwS0C2JmNUyZ9mgFZ5o4/pu:cMruy90PDkdT+eiQEMNUy/mWZer

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
