healer | 3078d5d14e17c730d9b2faad2487986fe70ba38a34b6aa922b6e2e03f4ef5f30 | Triage

Sharing

General

Target

3078d5d14e17c730d9b2faad2487986fe70ba38a34b6aa922b6e2e03f4ef5f30
Size

147KB
Sample

230720-br2xasce9x
MD5

7a8b19aeb6706225431d77c81247cf8f
SHA1

5139bb3bb4ab97487f01fe3ddb2ba0c22c7c4c4e
SHA256

3078d5d14e17c730d9b2faad2487986fe70ba38a34b6aa922b6e2e03f4ef5f30
SHA512

f09808d0b456c438385bb6e090ed8f6abc030f38fb097d0d896390da9d058d30088b44fb477237f4602603d0d61d687996c916c896dca03285d7ccebf06dea00
SSDEEP

3072:KlZ3TFfpCRzzwQjiRb5welYpK23rlx4cLXfHXW:er8LjiRVwz86rPXW

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  3078d5d14e17c730d9b2faad2487986fe70ba38a34b6aa922b6e2e03f4ef5f30
- Size
  
  147KB
- MD5
  
  7a8b19aeb6706225431d77c81247cf8f
- SHA1
  
  5139bb3bb4ab97487f01fe3ddb2ba0c22c7c4c4e
- SHA256
  
  3078d5d14e17c730d9b2faad2487986fe70ba38a34b6aa922b6e2e03f4ef5f30
- SHA512
  
  f09808d0b456c438385bb6e090ed8f6abc030f38fb097d0d896390da9d058d30088b44fb477237f4602603d0d61d687996c916c896dca03285d7ccebf06dea00
- SSDEEP
  
  3072:KlZ3TFfpCRzzwQjiRb5welYpK23rlx4cLXfHXW:er8LjiRVwz86rPXW
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan