healer | 74300b6d43400e327dadddaeb0dcdcf8ef6ac9a34d01bafa43730d0b49404194 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74300b6d43400e327dadddaeb0dcdcf8ef6ac9a34d01bafa43730d0b49404194
Size

295KB
Sample

230716-pl8pjseg56
MD5

d061d4fe53154eda26a80aa94b64fa47
SHA1

f64b33cced915d151d39939d37573abec9206b12
SHA256

74300b6d43400e327dadddaeb0dcdcf8ef6ac9a34d01bafa43730d0b49404194
SHA512

0e0ef22144e6c07fff6c297facc94a35ed041cffbb3f84d594e8791a51efc01431b23d8d5e46af91258d8ad5fc40d7f88f62eedfd12aa40ae859c43ce1c8d59a
SSDEEP

6144:O+oZI0FvxYHw8nJrTc853tpK4ucvgHBfLuGZdmLK77iuQmOc:O+oZv/8/53tpK4uok5Vdme77pQS

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  74300b6d43400e327dadddaeb0dcdcf8ef6ac9a34d01bafa43730d0b49404194
- Size
  
  295KB
- MD5
  
  d061d4fe53154eda26a80aa94b64fa47
- SHA1
  
  f64b33cced915d151d39939d37573abec9206b12
- SHA256
  
  74300b6d43400e327dadddaeb0dcdcf8ef6ac9a34d01bafa43730d0b49404194
- SHA512
  
  0e0ef22144e6c07fff6c297facc94a35ed041cffbb3f84d594e8791a51efc01431b23d8d5e46af91258d8ad5fc40d7f88f62eedfd12aa40ae859c43ce1c8d59a
- SSDEEP
  
  6144:O+oZI0FvxYHw8nJrTc853tpK4ucvgHBfLuGZdmLK77iuQmOc:O+oZv/8/53tpK4uok5Vdme77pQS
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan