healer | 729590b2da1205c3abf57716cd7013fefaa9c78d9077575ff57ff5c08dcb8a0a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

729590b2da1205c3abf57716cd7013fefaa9c78d9077575ff57ff5c08dcb8a0a
Size

146KB
Sample

230717-px4vqsbg95
MD5

6d955911dbf32a0b4f15084c500f36c2
SHA1

d1c8e5513d64b002bd6846d7cda5dbee5b001339
SHA256

729590b2da1205c3abf57716cd7013fefaa9c78d9077575ff57ff5c08dcb8a0a
SHA512

a3bd3cce8bb1b81b036a0f98a9fc75adb3180f105cdc623c67886d70c0013c45c30fd5d17b8ea497a4082ccda5ebb112274a6528c348301dbf02f5900f784bc0
SSDEEP

3072:S7Elmu8oUcVezz7EjiRKpwelYpKLUrlfkfLXfHXW:SAlmPChjiRiwzcRrPXW

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  729590b2da1205c3abf57716cd7013fefaa9c78d9077575ff57ff5c08dcb8a0a
- Size
  
  146KB
- MD5
  
  6d955911dbf32a0b4f15084c500f36c2
- SHA1
  
  d1c8e5513d64b002bd6846d7cda5dbee5b001339
- SHA256
  
  729590b2da1205c3abf57716cd7013fefaa9c78d9077575ff57ff5c08dcb8a0a
- SHA512
  
  a3bd3cce8bb1b81b036a0f98a9fc75adb3180f105cdc623c67886d70c0013c45c30fd5d17b8ea497a4082ccda5ebb112274a6528c348301dbf02f5900f784bc0
- SSDEEP
  
  3072:S7Elmu8oUcVezz7EjiRKpwelYpKLUrlfkfLXfHXW:SAlmPChjiRiwzcRrPXW
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan