healer | 54eb80bbaf5b0a6d578a6f3b4416ff1b6ce876df518bb85f5931b79ddf144538 | Triage

Submit
Reports

Overview

overview

Static

static

3

956bd51765...cs.exe

windows7-x64

956bd51765...cs.exe

windows10-2004-x64

Sharing

General

Target

956bd517657fbc0ac22ad634235ff6b0_NeikiAnalytics
Size

299KB
Sample

240510-hlbaqagf5z
MD5

956bd517657fbc0ac22ad634235ff6b0
SHA1

d70f3cf2647776857bb6ca2ad50c2615c1096276
SHA256

54eb80bbaf5b0a6d578a6f3b4416ff1b6ce876df518bb85f5931b79ddf144538
SHA512

409ca331178231208322b88a22967a755682e841b0cdf4f055b8f31196e46f02889a857e4fa47598db5dd9e0ced3aa017f2e92687c2b02c2dfa81e9261e6f035
SSDEEP

6144:X8JFx8y2h+Gy1SPvPzOi+WsCRmOSCa03JdlYK7RV/QGrcJ5r4ofVIKkop3VVLgYp:MJz8hh+f1STIOaGdlYK7RV/QGrcJ5r4i

Score

10^/10

healer dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

956bd517657fbc0ac22ad634235ff6b0_NeikiAnalytics.exe

Resource

win7-20240221-en

healer dropper evasion trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

956bd517657fbc0ac22ad634235ff6b0_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

healer dropper evasion trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  956bd517657fbc0ac22ad634235ff6b0_NeikiAnalytics
- Size
  
  299KB
- MD5
  
  956bd517657fbc0ac22ad634235ff6b0
- SHA1
  
  d70f3cf2647776857bb6ca2ad50c2615c1096276
- SHA256
  
  54eb80bbaf5b0a6d578a6f3b4416ff1b6ce876df518bb85f5931b79ddf144538
- SHA512
  
  409ca331178231208322b88a22967a755682e841b0cdf4f055b8f31196e46f02889a857e4fa47598db5dd9e0ced3aa017f2e92687c2b02c2dfa81e9261e6f035
- SSDEEP
  
  6144:X8JFx8y2h+Gy1SPvPzOi+WsCRmOSCa03JdlYK7RV/QGrcJ5r4ofVIKkop3VVLgYp:MJz8hh+f1STIOaGdlYK7RV/QGrcJ5r4i
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan

behavioral2

healerdropperevasiontrojan

© 2018-2025

Terms | Privacy