healer | 8b58b7434535efd6fe3100428e717e7f17d2cf7ccab50a7abd4e4b22dc0409f4 | Triage

Sharing

General

Target

8b58b7434535efd6fe3100428e717e7f17d2cf7ccab50a7abd4e4b22dc0409f4
Size

294KB
Sample

230716-jq8mfsdc29
MD5

c90b5d91846988459ce2549eba956d87
SHA1

746b5f911dab25746f23ff4291f2353ed7e4a050
SHA256

8b58b7434535efd6fe3100428e717e7f17d2cf7ccab50a7abd4e4b22dc0409f4
SHA512

f37e7d63b0d3842774aadf91bc371366d1006a563bb67ae660fa7804fc0fe4c91e758445997c8a724477ecf8196882368fe4b4458330e0f730b6a0dadfde6b53
SSDEEP

6144:C3K7mFKxAaY3iWvkMK4+Ie0oiMukeZ8wYBWC7O:C3KsV3HvvK4+H0Z0wYECq

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  8b58b7434535efd6fe3100428e717e7f17d2cf7ccab50a7abd4e4b22dc0409f4
- Size
  
  294KB
- MD5
  
  c90b5d91846988459ce2549eba956d87
- SHA1
  
  746b5f911dab25746f23ff4291f2353ed7e4a050
- SHA256
  
  8b58b7434535efd6fe3100428e717e7f17d2cf7ccab50a7abd4e4b22dc0409f4
- SHA512
  
  f37e7d63b0d3842774aadf91bc371366d1006a563bb67ae660fa7804fc0fe4c91e758445997c8a724477ecf8196882368fe4b4458330e0f730b6a0dadfde6b53
- SSDEEP
  
  6144:C3K7mFKxAaY3iWvkMK4+Ie0oiMukeZ8wYBWC7O:C3KsV3HvvK4+H0Z0wYECq
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan