healer | 52a606bad0c69d2074a766dc169949c7b48ff2c1922fcd5842d7ffc932f9e9c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52a606bad0c69d2074a766dc169949c7b48ff2c1922fcd5842d7ffc932f9e9c9
Size

318KB
Sample

230716-tjfcfagd2y
MD5

c1f8c0c194db1b7474ea589b8a4449af
SHA1

6b34a279fb7eba27604b33cf8279e56aa4a99538
SHA256

52a606bad0c69d2074a766dc169949c7b48ff2c1922fcd5842d7ffc932f9e9c9
SHA512

a1a0610fbff6779cce73c328478b2aeaefe4265d33a63c2f3802c38835161abe27fa75438884535f661841aa071dca1b0a16e2bd0086f9d05b0fcddbcd507879
SSDEEP

6144:rSCF7fpB74VaJb1jD1Mth6yNcX2RFZTDs0YZuJhV2d2e:WCF7fpBdhMth6yFRXDvuuJF

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  52a606bad0c69d2074a766dc169949c7b48ff2c1922fcd5842d7ffc932f9e9c9
- Size
  
  318KB
- MD5
  
  c1f8c0c194db1b7474ea589b8a4449af
- SHA1
  
  6b34a279fb7eba27604b33cf8279e56aa4a99538
- SHA256
  
  52a606bad0c69d2074a766dc169949c7b48ff2c1922fcd5842d7ffc932f9e9c9
- SHA512
  
  a1a0610fbff6779cce73c328478b2aeaefe4265d33a63c2f3802c38835161abe27fa75438884535f661841aa071dca1b0a16e2bd0086f9d05b0fcddbcd507879
- SSDEEP
  
  6144:rSCF7fpB74VaJb1jD1Mth6yNcX2RFZTDs0YZuJhV2d2e:WCF7fpBdhMth6yFRXDvuuJF
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan