healer | ab7b6e19c894abdbf00ced58af45824820fcd7c1349738d9508fc738d5918dcf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab7b6e19c894abdbf00ced58af45824820fcd7c1349738d9508fc738d5918dcf
Size

146KB
Sample

230717-vzlptsef3w
MD5

4ca2b47664cd4441e9d7eb5df3bf5550
SHA1

24ea329f99943f9750746f62a0b681c90ad686dc
SHA256

ab7b6e19c894abdbf00ced58af45824820fcd7c1349738d9508fc738d5918dcf
SHA512

aca4304c3798a98a11da4b1a8440381d7b9a213b91c8caf76e9a89eb6b35d876a93896d7fcbd6cc6430a018c4d30da8c63db4397a261972b0a1ea096673fff3f
SSDEEP

3072:VjQ9Id9uzzBHjiR64welYp73VrlzadLLXfHXW:eSQjiRbwzV6LrPXW

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  ab7b6e19c894abdbf00ced58af45824820fcd7c1349738d9508fc738d5918dcf
- Size
  
  146KB
- MD5
  
  4ca2b47664cd4441e9d7eb5df3bf5550
- SHA1
  
  24ea329f99943f9750746f62a0b681c90ad686dc
- SHA256
  
  ab7b6e19c894abdbf00ced58af45824820fcd7c1349738d9508fc738d5918dcf
- SHA512
  
  aca4304c3798a98a11da4b1a8440381d7b9a213b91c8caf76e9a89eb6b35d876a93896d7fcbd6cc6430a018c4d30da8c63db4397a261972b0a1ea096673fff3f
- SSDEEP
  
  3072:VjQ9Id9uzzBHjiR64welYp73VrlzadLLXfHXW:eSQjiRbwzV6LrPXW
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan