healer | d5f9fdb092c99c0e38dfe31cb13d557f71881ed0d7da601efad87b505d936629 | Triage

Sharing

General

Target

d5f9fdb092c99c0e38dfe31cb13d557f71881ed0d7da601efad87b505d936629
Size

146KB
Sample

230717-kdt4zaah47
MD5

c97a3ec55e2bd082d4dca9c87c1437cb
SHA1

58bbcac2af1c97e7c4cad39d3af0452f4e070291
SHA256

d5f9fdb092c99c0e38dfe31cb13d557f71881ed0d7da601efad87b505d936629
SHA512

938a14098bf25d63a363f3f9d733c7d86d7a5a9c083a3f86bda9658b32bab14029262d44fc6961ab4a340f7cca105fe64ae63c38d5a60d031274d53d8263275e
SSDEEP

3072:O4SDwn4uzz7wjiR6ZwelYpK2+rlEFZzLXfHXW:UDXpjiRCwz8irPXW

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  d5f9fdb092c99c0e38dfe31cb13d557f71881ed0d7da601efad87b505d936629
- Size
  
  146KB
- MD5
  
  c97a3ec55e2bd082d4dca9c87c1437cb
- SHA1
  
  58bbcac2af1c97e7c4cad39d3af0452f4e070291
- SHA256
  
  d5f9fdb092c99c0e38dfe31cb13d557f71881ed0d7da601efad87b505d936629
- SHA512
  
  938a14098bf25d63a363f3f9d733c7d86d7a5a9c083a3f86bda9658b32bab14029262d44fc6961ab4a340f7cca105fe64ae63c38d5a60d031274d53d8263275e
- SSDEEP
  
  3072:O4SDwn4uzz7wjiR6ZwelYpK2+rlEFZzLXfHXW:UDXpjiRCwz8irPXW
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan