healer | c3633a666d492edce524343bb5342e424dbbff625246f0e22c01481aef680d6d | Triage

Sharing

General

Target

c3633a666d492edce524343bb5342e424dbbff625246f0e22c01481aef680d6d
Size

294KB
Sample

230716-q7qarsfc74
MD5

4d14de262414aeb01e0f10bcdd4238dc
SHA1

5dca374ab8522b1399a9fa1ab83b04c88d8da279
SHA256

c3633a666d492edce524343bb5342e424dbbff625246f0e22c01481aef680d6d
SHA512

92261cd7215db837c0c689a3ebe73f43fc872b75a70d535b72d209a398695df73219ee3bd9805587c5805fb76a3628baa4ec26c06aeef40e95e9a98b4facd639
SSDEEP

6144:ZJRMFrmFKx3KUSz+Hl5Vx/3kK4s5FK8ZkJ8TJrAgfSrhN8dlCGqbtVn26+I:PRMF8Gl58K4sE/IHCGItVn26

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  c3633a666d492edce524343bb5342e424dbbff625246f0e22c01481aef680d6d
- Size
  
  294KB
- MD5
  
  4d14de262414aeb01e0f10bcdd4238dc
- SHA1
  
  5dca374ab8522b1399a9fa1ab83b04c88d8da279
- SHA256
  
  c3633a666d492edce524343bb5342e424dbbff625246f0e22c01481aef680d6d
- SHA512
  
  92261cd7215db837c0c689a3ebe73f43fc872b75a70d535b72d209a398695df73219ee3bd9805587c5805fb76a3628baa4ec26c06aeef40e95e9a98b4facd639
- SSDEEP
  
  6144:ZJRMFrmFKx3KUSz+Hl5Vx/3kK4s5FK8ZkJ8TJrAgfSrhN8dlCGqbtVn26+I:PRMF8Gl58K4sE/IHCGItVn26
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan