healer | 7bf9c3f63d58a2aa4745815f568440fbefbd18cc76a3b48cbc0981b310ec7b92 | Triage

Sharing

General

Target

7bf9c3f63d58a2aa4745815f568440fbefbd18cc76a3b48cbc0981b310ec7b92
Size

147KB
Sample

230717-jjd49sag25
MD5

7a3434a8a5278e07dafa768de01c9008
SHA1

97a1a75f41d53e5944153a70d0c3248256b0e01c
SHA256

7bf9c3f63d58a2aa4745815f568440fbefbd18cc76a3b48cbc0981b310ec7b92
SHA512

ac7e9a072097796b239591fae6a8c14e8f5364f536a01de90749227cd92367e180a89ccb6f42df29dd54f1f1cca31e83b9cd55c6d4f9b46d824d2859cf08f056
SSDEEP

3072:ziY0m3ghzzHrjiRLawelYplpQ0rlxFnLXfHXW:todjiROwzLeMrPXW

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  7bf9c3f63d58a2aa4745815f568440fbefbd18cc76a3b48cbc0981b310ec7b92
- Size
  
  147KB
- MD5
  
  7a3434a8a5278e07dafa768de01c9008
- SHA1
  
  97a1a75f41d53e5944153a70d0c3248256b0e01c
- SHA256
  
  7bf9c3f63d58a2aa4745815f568440fbefbd18cc76a3b48cbc0981b310ec7b92
- SHA512
  
  ac7e9a072097796b239591fae6a8c14e8f5364f536a01de90749227cd92367e180a89ccb6f42df29dd54f1f1cca31e83b9cd55c6d4f9b46d824d2859cf08f056
- SSDEEP
  
  3072:ziY0m3ghzzHrjiRLawelYplpQ0rlxFnLXfHXW:todjiROwzLeMrPXW
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan