Overview

overview

10

Static

static

3

tice9702.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tice9702.exe

  • Size

    325KB

  • Sample

    241202-q4kk4s1rak

  • MD5

    51d73bfc9913bc9a42c866f70c2b1562

  • SHA1

    37aa36e5541a34034d1dfb6e2365e888ae296b74

  • SHA256

    1e82b967ea2e04751590ef8060b5f895164eddca002bc98407174393c83c595c

  • SHA512

    6f7a4c79d0e37b7ef892c6791875eec55b09e466928e57a87ba3108f03999d377be0c2520a78f32ddf2e5c11d403372690db7a21b6ea6d8f9a3e5223955223ba

  • SSDEEP

    6144:KRy+bnr+1p0yN90QE3V21EO8LLKvB6r+gHBtb2U3aoNJ5:XMr1y9061cow+6oURNJ5

Score
10/10
healerdiscoverydropperevasionpersistencetrojan

Malware Config

Targets

    • Target

      tice9702.exe

    • Size

      325KB

    • MD5

      51d73bfc9913bc9a42c866f70c2b1562

    • SHA1

      37aa36e5541a34034d1dfb6e2365e888ae296b74

    • SHA256

      1e82b967ea2e04751590ef8060b5f895164eddca002bc98407174393c83c595c

    • SHA512

      6f7a4c79d0e37b7ef892c6791875eec55b09e466928e57a87ba3108f03999d377be0c2520a78f32ddf2e5c11d403372690db7a21b6ea6d8f9a3e5223955223ba

    • SSDEEP

      6144:KRy+bnr+1p0yN90QE3V21EO8LLKvB6r+gHBtb2U3aoNJ5:XMr1y9061cow+6oURNJ5

    Score
    10/10
    healerdiscoverydropperevasionpersistencetrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Healer family

      healer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks