healer | 059cfd7b743c10ac433ec1e1ce2a5781af7a54418c346c72750adcb817d2bf41 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

059cfd7b743c10ac433ec1e1ce2a5781af7a54418c346c72750adcb817d2bf41
Size

147KB
Sample

230721-wtej1age62
MD5

005b537f42f5ef5c29aedb21ba8eb601
SHA1

d4ecf24f179285b813cd2704465fdbfda57923fb
SHA256

059cfd7b743c10ac433ec1e1ce2a5781af7a54418c346c72750adcb817d2bf41
SHA512

909a4ddf224c22a1eb82e48db155eaea6b5bb7b6c427a5c3e82e09f6e731c65f26bb6688280f7d7f290928c24d30e9528bfca0f7d7c7e5ce6e0bb31c8f1c2039
SSDEEP

3072:KlZ3TFfpCRzzwQjiRb5welYpK23rlx4cLXfHXW:er8LjiRVwz86rPXW

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  059cfd7b743c10ac433ec1e1ce2a5781af7a54418c346c72750adcb817d2bf41
- Size
  
  147KB
- MD5
  
  005b537f42f5ef5c29aedb21ba8eb601
- SHA1
  
  d4ecf24f179285b813cd2704465fdbfda57923fb
- SHA256
  
  059cfd7b743c10ac433ec1e1ce2a5781af7a54418c346c72750adcb817d2bf41
- SHA512
  
  909a4ddf224c22a1eb82e48db155eaea6b5bb7b6c427a5c3e82e09f6e731c65f26bb6688280f7d7f290928c24d30e9528bfca0f7d7c7e5ce6e0bb31c8f1c2039
- SSDEEP
  
  3072:KlZ3TFfpCRzzwQjiRb5welYpK23rlx4cLXfHXW:er8LjiRVwz86rPXW
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan