healer | 6f24527877c61dc0cfa0517e26742d7d312a777c3bdebc6f294d6504933476ea | Triage

Submit
Reports

Overview

overview

Static

static

3

6c95e49160...KI.exe

windows7-x64

6c95e49160...KI.exe

windows10-2004-x64

Sharing

General

Target

6c95e4916085a47660e9a3d66c2a45c0_NEIKI
Size

257KB
Sample

240507-3t1kssfa51
MD5

6c95e4916085a47660e9a3d66c2a45c0
SHA1

3c8ef07f7d8bd6d392f3dd986012f97b0675f769
SHA256

6f24527877c61dc0cfa0517e26742d7d312a777c3bdebc6f294d6504933476ea
SHA512

76583ba000d1611bdfdf52dfd9ed880b81327f40212b2fd28a324c8762188cc35c33cc362a88c06e395a1db194edb6ba545f7fef71f048e23af369663df059cf
SSDEEP

3072:a8ol3D+/oLEmuldxkqfZ+dOLDt6mWsyLBE4/xjPdCWD/b8r2v5vI2G:6D+pPuqsdOEmWsAW4/HCQ/oyI2G

Score

10^/10

healer dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6c95e4916085a47660e9a3d66c2a45c0_NEIKI.exe

Resource

win7-20240419-en

healer dropper evasion trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

6c95e4916085a47660e9a3d66c2a45c0_NEIKI.exe

Resource

win10v2004-20240419-en

healer dropper evasion trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  6c95e4916085a47660e9a3d66c2a45c0_NEIKI
- Size
  
  257KB
- MD5
  
  6c95e4916085a47660e9a3d66c2a45c0
- SHA1
  
  3c8ef07f7d8bd6d392f3dd986012f97b0675f769
- SHA256
  
  6f24527877c61dc0cfa0517e26742d7d312a777c3bdebc6f294d6504933476ea
- SHA512
  
  76583ba000d1611bdfdf52dfd9ed880b81327f40212b2fd28a324c8762188cc35c33cc362a88c06e395a1db194edb6ba545f7fef71f048e23af369663df059cf
- SSDEEP
  
  3072:a8ol3D+/oLEmuldxkqfZ+dOLDt6mWsyLBE4/xjPdCWD/b8r2v5vI2G:6D+pPuqsdOEmWsAW4/HCQ/oyI2G
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan

behavioral2

healerdropperevasiontrojan

© 2018-2025

Terms | Privacy