General

  • Target

    af640948e845c288475e4c63fad64af32e3d01a33365445008d082e142d96c8f.exe

  • Size

    337KB

  • Sample

    241126-z4a64swqdn

  • MD5

    4fd8b3318182700d2b8a84ad5ecea089

  • SHA1

    a2ad3a42b894fac7d2455340e25d7a91a9768fe9

  • SHA256

    af640948e845c288475e4c63fad64af32e3d01a33365445008d082e142d96c8f

  • SHA512

    51d404cff1e09eb2ad24d10ed46ecef66de8b9a07196f202f968679f4ac353db47f79e1cda3aae207a4166299e23ee39c2d74a8b23fde8235c392bc6c2cd2705

  • SSDEEP

    6144:KDy+bnr+Ip0yN90QEPw7mXtDJPsMfN8O38EQ+lfHeWPaQhqH4dCNz:5MrEy90im9VP7f7LQbWPoCCNz

Targets

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
