healer | eb418a9a959d700086b5b8eb7d64a6f6d039afa1855ea7d9bc8f190b67d7e460 | Triage

Submit
Reports

Overview

overview

Static

static

3

109fb1344c...cs.exe

windows7-x64

109fb1344c...cs.exe

windows10-2004-x64

Sharing

General

Target

109fb1344c7ea711623f0e1dc4641460_NeikiAnalytics
Size

299KB
Sample

240509-2ddwesdd22
MD5

109fb1344c7ea711623f0e1dc4641460
SHA1

769475366a953e6d1c1da34a88e32f560470ff05
SHA256

eb418a9a959d700086b5b8eb7d64a6f6d039afa1855ea7d9bc8f190b67d7e460
SHA512

ca57cc15e4eee65fa469406cd871a44572fac7a835d715dd73557f39c58286812b65dd0e82ad05dee725b3950845fc61800486f92b35c1b2d2cbb5ae7a68acbc
SSDEEP

6144:P8JFx8y2h+Gy1SPvPzOi+WsCRmOSCa03JdlYK7RV/QGrcJ5r4ofVIKkop3VVLgYp:0Jz8hh+f1STIOaGdlYK7RV/QGrcJ5r4i

Score

10^/10

healer dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

109fb1344c7ea711623f0e1dc4641460_NeikiAnalytics.exe

Resource

win7-20240215-en

healer dropper evasion trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

109fb1344c7ea711623f0e1dc4641460_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

healer dropper evasion trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  109fb1344c7ea711623f0e1dc4641460_NeikiAnalytics
- Size
  
  299KB
- MD5
  
  109fb1344c7ea711623f0e1dc4641460
- SHA1
  
  769475366a953e6d1c1da34a88e32f560470ff05
- SHA256
  
  eb418a9a959d700086b5b8eb7d64a6f6d039afa1855ea7d9bc8f190b67d7e460
- SHA512
  
  ca57cc15e4eee65fa469406cd871a44572fac7a835d715dd73557f39c58286812b65dd0e82ad05dee725b3950845fc61800486f92b35c1b2d2cbb5ae7a68acbc
- SSDEEP
  
  6144:P8JFx8y2h+Gy1SPvPzOi+WsCRmOSCa03JdlYK7RV/QGrcJ5r4ofVIKkop3VVLgYp:0Jz8hh+f1STIOaGdlYK7RV/QGrcJ5r4i
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan

behavioral2

healerdropperevasiontrojan

© 2018-2024

Terms | Privacy