General

  • Target

    cb44da3500d5072c21f48c2024b8059c26c177359578fe899e83a05fca26f706N.exe

  • Size

    277KB

  • Sample

    241122-zqfjnsynev

  • MD5

    a5370ea9dce9572ca19a542a85d3f490

  • SHA1

    fa487463efd188aa0a32d509a74ac509f3ba7967

  • SHA256

    cb44da3500d5072c21f48c2024b8059c26c177359578fe899e83a05fca26f706

  • SHA512

    91f648f508efe8e8c976acf8d4cc95034deccf92b19c1b60cf866b7a9f66af0cd7adb505bf8315764ec22506a44b9ff30085e32bae08b2bbeb71be0323e1df40

  • SSDEEP

    6144:A+1zYEa9Vr8URL4FbiBWYC2wwbSQSRYPDWJb:AOzRML4FbiQYC7wbSH

Targets

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Windows security modification
