healer | 552b9b354061931d952a61527cadd037e1a850ffe6c07bf9511de4caff6ba7cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

552b9b354061931d952a61527cadd037e1a850ffe6c07bf9511de4caff6ba7cb
Size

295KB
Sample

230714-xr7cnsgg4z
MD5

dacc3ec6df6dbdd69b92bd1dac86ec34
SHA1

dac1a285f09a43aef8fb6c163e482dd91b9988a8
SHA256

552b9b354061931d952a61527cadd037e1a850ffe6c07bf9511de4caff6ba7cb
SHA512

3cdcf64f1b01894a9ee365288df011250ab40b4fda741ffffcd4fc089ef9aa0224ff53301bfa7429061e711789f8a85ae6eb255dc75e884c5160bdf1dea0c5bf
SSDEEP

6144:OnFxmF6xYLhgJdnP0hK4T1SkhLRJTiewpDNnRn:OnFCSqK4T1SO9JT/wfn5

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  552b9b354061931d952a61527cadd037e1a850ffe6c07bf9511de4caff6ba7cb
- Size
  
  295KB
- MD5
  
  dacc3ec6df6dbdd69b92bd1dac86ec34
- SHA1
  
  dac1a285f09a43aef8fb6c163e482dd91b9988a8
- SHA256
  
  552b9b354061931d952a61527cadd037e1a850ffe6c07bf9511de4caff6ba7cb
- SHA512
  
  3cdcf64f1b01894a9ee365288df011250ab40b4fda741ffffcd4fc089ef9aa0224ff53301bfa7429061e711789f8a85ae6eb255dc75e884c5160bdf1dea0c5bf
- SSDEEP
  
  6144:OnFxmF6xYLhgJdnP0hK4T1SkhLRJTiewpDNnRn:OnFCSqK4T1SO9JT/wfn5
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan