healer | 055a5b24813ce441b7f4d0b252724efde3c059afa0aedadf15a0367c17eb8bcd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

055a5b24813ce441b7f4d0b252724efde3c059afa0aedadf15a0367c17eb8bcd
Size

146KB
Sample

230718-x584eseb6s
MD5

39ce1866cad09288f156ee6218102161
SHA1

283bdd207f653ebb19979bc93825c119c849d853
SHA256

055a5b24813ce441b7f4d0b252724efde3c059afa0aedadf15a0367c17eb8bcd
SHA512

fcdb389786192ea85e04d36d00a681cfcaa38c48cc6dd32daea8b92cceea360ed8f1f6df4ec0f7e215a9892202ef605bfd69021b629b1b80a14723a1756b7774
SSDEEP

3072:KlZ3TFfpCRzzwQjiRb5welYpK23rlx4cLXfHXW:er8LjiRVwz86rPXW

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  055a5b24813ce441b7f4d0b252724efde3c059afa0aedadf15a0367c17eb8bcd
- Size
  
  146KB
- MD5
  
  39ce1866cad09288f156ee6218102161
- SHA1
  
  283bdd207f653ebb19979bc93825c119c849d853
- SHA256
  
  055a5b24813ce441b7f4d0b252724efde3c059afa0aedadf15a0367c17eb8bcd
- SHA512
  
  fcdb389786192ea85e04d36d00a681cfcaa38c48cc6dd32daea8b92cceea360ed8f1f6df4ec0f7e215a9892202ef605bfd69021b629b1b80a14723a1756b7774
- SSDEEP
  
  3072:KlZ3TFfpCRzzwQjiRb5welYpK23rlx4cLXfHXW:er8LjiRVwz86rPXW
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan