healer | 2461c50b058fd9170d8e1ae41cb330ba6e7dd47b3a4dc167a407b2cf72e76a03 | Triage

Submit
Reports

Overview

overview

Static

static

3

g1543891.exe

windows7-x64

g1543891.exe

windows10-2004-x64

Sharing

General

Target

g1543891.exe
Size

1.6MB
Sample

231013-18tppaeg79
MD5

84dee222dd0d5f514fb27257b9b68d3c
SHA1

60aaa99aeff96d8085cb6e4bec7075e49be6a39b
SHA256

2461c50b058fd9170d8e1ae41cb330ba6e7dd47b3a4dc167a407b2cf72e76a03
SHA512

9725acbb0c4dc834cf3c6bafe22a558fd51ed8c9378b02e71ec82bc48b69d0a568469430edd1875107b1d9c6a9d16ddfabcdfcbe4b7d92c4d06e48536206fae5
SSDEEP

24576:/MyRAcDK7uQIkRzZ+Cr3ikEREtjM6a9Dhvhg+:RACQIkRzZ+/kG6a3vL

Score

10^/10

healer dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

g1543891.exe

Resource

win7-20230831-en

healer dropper evasion trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

g1543891.exe

Resource

win10v2004-20230915-en

healer dropper evasion trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  g1543891.exe
- Size
  
  1.6MB
- MD5
  
  84dee222dd0d5f514fb27257b9b68d3c
- SHA1
  
  60aaa99aeff96d8085cb6e4bec7075e49be6a39b
- SHA256
  
  2461c50b058fd9170d8e1ae41cb330ba6e7dd47b3a4dc167a407b2cf72e76a03
- SHA512
  
  9725acbb0c4dc834cf3c6bafe22a558fd51ed8c9378b02e71ec82bc48b69d0a568469430edd1875107b1d9c6a9d16ddfabcdfcbe4b7d92c4d06e48536206fae5
- SSDEEP
  
  24576:/MyRAcDK7uQIkRzZ+Cr3ikEREtjM6a9Dhvhg+:RACQIkRzZ+/kG6a3vL
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan

behavioral2

healerdropperevasiontrojan

© 2018-2025

Terms | Privacy