healer | 326312e5415e3d30b5a7094adf811479f0f5c75006e256148673d0ec5233156f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

326312e5415e3d30b5a7094adf811479f0f5c75006e256148673d0ec5233156f
Size

146KB
Sample

230716-wh19mahb5s
MD5

b4705c6be29a77c41c1321c4ae7aad90
SHA1

ddbf48063055109ecb77818234b9173807d3407c
SHA256

326312e5415e3d30b5a7094adf811479f0f5c75006e256148673d0ec5233156f
SHA512

bbc789d33d3e9a27e35e9b212fd96e80ee60082a8496b38a398036523177ca3f367d1e5bf856c5811c720c1c027359412354beb27f6f0851feba83ab2db38c68
SSDEEP

3072:CfFjMGWQXAuzzsHjiR6ZwelYpK4Urls5B6LXfHXW:yoZ7DjiRCwz8frPXW

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  326312e5415e3d30b5a7094adf811479f0f5c75006e256148673d0ec5233156f
- Size
  
  146KB
- MD5
  
  b4705c6be29a77c41c1321c4ae7aad90
- SHA1
  
  ddbf48063055109ecb77818234b9173807d3407c
- SHA256
  
  326312e5415e3d30b5a7094adf811479f0f5c75006e256148673d0ec5233156f
- SHA512
  
  bbc789d33d3e9a27e35e9b212fd96e80ee60082a8496b38a398036523177ca3f367d1e5bf856c5811c720c1c027359412354beb27f6f0851feba83ab2db38c68
- SSDEEP
  
  3072:CfFjMGWQXAuzzsHjiR6ZwelYpK4Urls5B6LXfHXW:yoZ7DjiRCwz8frPXW
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan