healer | f3c7bf7ed0dd6d617a37469532a4d89bfaad1e62738b1ef0b1717f1526c4e230 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

767468feb9...cs.exe

windows7-x64

767468feb9...cs.exe

windows10-2004-x64

Sharing

General

Target

767468feb9d99c006877e12451b92a00_NeikiAnalytics
Size

299KB
Sample

240510-fmqqpacd5w
MD5

767468feb9d99c006877e12451b92a00
SHA1

b72e15b74e01ac845e9e3cf78f5586ce166e29de
SHA256

f3c7bf7ed0dd6d617a37469532a4d89bfaad1e62738b1ef0b1717f1526c4e230
SHA512

ea1ed31c8bbf42682b1b781a02983601e62b0647ddc8138ea92f0c587127c9160bce25ba7dea46a6dcae8d843c3cb02c7f7c354e9f9f7996a21de609dd5a5354
SSDEEP

6144:U8JFx8y2h+Gy1SPvPzOi+WsCRmOSCa03JdlYK7RV/QGrcJ5r4ofVIKkop3VVLgYp:9Jz8hh+f1STIOaGdlYK7RV/QGrcJ5r4i

Score

10^/10

healer dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

767468feb9d99c006877e12451b92a00_NeikiAnalytics.exe

Resource

win7-20240508-en

healer dropper evasion trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

767468feb9d99c006877e12451b92a00_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

healer dropper evasion trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  767468feb9d99c006877e12451b92a00_NeikiAnalytics
- Size
  
  299KB
- MD5
  
  767468feb9d99c006877e12451b92a00
- SHA1
  
  b72e15b74e01ac845e9e3cf78f5586ce166e29de
- SHA256
  
  f3c7bf7ed0dd6d617a37469532a4d89bfaad1e62738b1ef0b1717f1526c4e230
- SHA512
  
  ea1ed31c8bbf42682b1b781a02983601e62b0647ddc8138ea92f0c587127c9160bce25ba7dea46a6dcae8d843c3cb02c7f7c354e9f9f7996a21de609dd5a5354
- SSDEEP
  
  6144:U8JFx8y2h+Gy1SPvPzOi+WsCRmOSCa03JdlYK7RV/QGrcJ5r4ofVIKkop3VVLgYp:9Jz8hh+f1STIOaGdlYK7RV/QGrcJ5r4i
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan

behavioral2

healerdropperevasiontrojan

© 2018-2025

Terms | Privacy