General

  • Target

    5d5040b6f8098e7007521aeef1559940bb2234ebd4de0935866f8c417c4eab0c.exe

  • Size

    332KB

  • Sample

    241113-vjv9bswbme

  • MD5

    eca4ec7ede5e16756a31ba63fc05413b

  • SHA1

    ed38a8f46ce0ab8ea2dd2e3b7544d5a70d803d83

  • SHA256

    5d5040b6f8098e7007521aeef1559940bb2234ebd4de0935866f8c417c4eab0c

  • SHA512

    5ac925e2c17163f47ac3a12fd245fdb9380fe656d45b75dc52c86a40006979e15ab4d26671e75289f89177e8e74c287e4be166030d71080eec8cdb40b544caef

  • SSDEEP

    6144:KQy+bnr+ep0yN90QEfPMcTnzg5jTkynUlw3Gdiuy8Ll5ZaehSeB:MMrmy90JPgABlw3Yby8LlzzSeB

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks