General
- Target: b6bdaa9ba610cf8b232e7b07e084ac3992fc4c85bce279c8d8d12f722bffb172N.exe
- Size: 479KB
- Sample: 241113-v8625awjav
- MD5: c5221aea775ae5a8b3057cd548034a00
- SHA1: 80f312104b167fe9420a2263fd1f46cae4c68b50
- SHA256: b6bdaa9ba610cf8b232e7b07e084ac3992fc4c85bce279c8d8d12f722bffb172
- SHA512: c7b14c12659400e6b6797f03de457073871f6f6ca1bafde2c38320a2875449ec3771e7ef70983e658ef2f93586b11b87509196289223a42c1f44dafae0a0f3a8
- SSDEEP: 12288:QlLAzydTpoidKmYb0Gkw93vt1rvTdd+MXs:6LAzyP7d/LG3lbTX
Static task: static1
Behavioral task: behavioral1
- Sample: b6bdaa9ba610cf8b232e7b07e084ac3992fc4c85bce279c8d8d12f722bffb172N.exe
- Resource: win7-20240903-en
Malware Config
Targets
- Target: b6bdaa9ba610cf8b232e7b07e084ac3992fc4c85bce279c8d8d12f722bffb172N.exe
- Detects Healer, an antivirus disabler dropper
- Healer family
- Checks computer location settings
  Looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL