healer | 463a54accd668a0370980d37cfb8b5f20d09b10931cbba80c1adce80d4fb234a | Triage

Sharing

General

Target

463a54accd668a0370980d37cfb8b5f20d09b10931cbba80c1adce80d4fb234a
Size

146KB
Sample

230718-hjbtgahe6y
MD5

9d4d11103d798645241165e91dac9c9a
SHA1

41a6e64efb44c32e3af11536f7c03080901b6b7c
SHA256

463a54accd668a0370980d37cfb8b5f20d09b10931cbba80c1adce80d4fb234a
SHA512

02aa17c04aaeb515936f14a958c7270818a2dcce7c501646e2e06b6b49772a0cbc46663c6e165d4405ee7419cd9eaccd0a6d1f329769cc65f90021ac48b6a74f
SSDEEP

3072:KlZ3TFfpCRzzwQjiRb5welYpK23rlx4cLXfHXW:er8LjiRVwz86rPXW

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  463a54accd668a0370980d37cfb8b5f20d09b10931cbba80c1adce80d4fb234a
- Size
  
  146KB
- MD5
  
  9d4d11103d798645241165e91dac9c9a
- SHA1
  
  41a6e64efb44c32e3af11536f7c03080901b6b7c
- SHA256
  
  463a54accd668a0370980d37cfb8b5f20d09b10931cbba80c1adce80d4fb234a
- SHA512
  
  02aa17c04aaeb515936f14a958c7270818a2dcce7c501646e2e06b6b49772a0cbc46663c6e165d4405ee7419cd9eaccd0a6d1f329769cc65f90021ac48b6a74f
- SSDEEP
  
  3072:KlZ3TFfpCRzzwQjiRb5welYpK23rlx4cLXfHXW:er8LjiRVwz86rPXW
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan