General

  • Target

    b6726eb2425619b8e63066f94362b5c47d1cc842b612834de8a08e693f2da8a1.exe

  • Size

    411KB

  • Sample

    241113-w7cbssxbpd

  • MD5

    cd3ab71d4d65acf1da05e0f9651f257b

  • SHA1

    21c4bef3235880bb158957980e7721ca0e38b822

  • SHA256

    b6726eb2425619b8e63066f94362b5c47d1cc842b612834de8a08e693f2da8a1

  • SHA512

    d0cfb831c9a4c9121fc241a9fe27b33288b1a9d3032a2af472761cffb910e593ced6a64b816e5eabfddb5f94c4414b4ee80611b3a6d2acc16a6288aaaca5aa8f

  • SSDEEP

    6144:wRp0yN90QEVe3WMGsXtK58e4YsuIXI9OtSQ6MAsgaAg2oovfr2BTtmW:Ly90SGjsX+8puM5gaAg2t72SW

Targets

    • Target

      b6726eb2425619b8e63066f94362b5c47d1cc842b612834de8a08e693f2da8a1.exe

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
