healer | 70d2e4df54793d08b8e76f1bb1db26721e0398da94dca629ab77bd41cc27fd4e | Triage

Sharing

General

Target

57543bf9a439bf01773d3d508a221fda.exe
Size

21KB
Sample

231010-mw9cqach4v
MD5

57543bf9a439bf01773d3d508a221fda
SHA1

5728a0b9f1856aa5183d15ba00774428be720c35
SHA256

70d2e4df54793d08b8e76f1bb1db26721e0398da94dca629ab77bd41cc27fd4e
SHA512

28f2eb1fef817df513568831ca550564d490f7bd6c46ada8e06b2cd81bbc59bc2d7b9f955dbfc31c6a41237d0d0f8aa40aaac7ae2fabf9902228f6b669b7fe20
SSDEEP

384:rw+1WA2Ni64rKIYiVLpMNJhPxh8E9VF0Nyhe3:rw+gU64r3YidpMNTPxWErC

Score

10^/10

healer dropper evasion trojan

Malware Config

Targets

- Target
  
  57543bf9a439bf01773d3d508a221fda.exe
- Size
  
  21KB
- MD5
  
  57543bf9a439bf01773d3d508a221fda
- SHA1
  
  5728a0b9f1856aa5183d15ba00774428be720c35
- SHA256
  
  70d2e4df54793d08b8e76f1bb1db26721e0398da94dca629ab77bd41cc27fd4e
- SHA512
  
  28f2eb1fef817df513568831ca550564d490f7bd6c46ada8e06b2cd81bbc59bc2d7b9f955dbfc31c6a41237d0d0f8aa40aaac7ae2fabf9902228f6b669b7fe20
- SSDEEP
  
  384:rw+1WA2Ni64rKIYiVLpMNJhPxh8E9VF0Nyhe3:rw+gU64r3YidpMNTPxWErC
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan

behavioral2

healerdropperevasiontrojan