healer | f21ed481ff04d18a4810ddbc9e252a841f46e1cc166afb7c0709924b02fcb7c3 | Triage

Submit
Reports

Overview

overview

Static

static

3

cc42a47880...cs.exe

windows7-x64

cc42a47880...cs.exe

windows10-2004-x64

Sharing

General

Target

cc42a478804419df1ccddb7f34557410_NeikiAnalytics
Size

178KB
Sample

240514-s23p1sdb85
MD5

cc42a478804419df1ccddb7f34557410
SHA1

a83117c341ba44689530b23730395e22f979bf76
SHA256

f21ed481ff04d18a4810ddbc9e252a841f46e1cc166afb7c0709924b02fcb7c3
SHA512

ac2b4fd3a971be79ef996c8659f34774f86be0020c253e29e617903cf2f50a551ea069428211a04ab88cb1ef179383d0cc6c17a3bb69fdd62a088b3d637c5b98
SSDEEP

3072:pDKW1LgppLRHMY0TBfJvjcTp5XZpa8nqeo7Qbeues6Y:pDKW1Lgbdl0TBBvjc/S81Sues

Score

10^/10

healer dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cc42a478804419df1ccddb7f34557410_NeikiAnalytics.exe

Resource

win7-20240221-en

healer dropper evasion trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

cc42a478804419df1ccddb7f34557410_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

healer dropper evasion trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  cc42a478804419df1ccddb7f34557410_NeikiAnalytics
- Size
  
  178KB
- MD5
  
  cc42a478804419df1ccddb7f34557410
- SHA1
  
  a83117c341ba44689530b23730395e22f979bf76
- SHA256
  
  f21ed481ff04d18a4810ddbc9e252a841f46e1cc166afb7c0709924b02fcb7c3
- SHA512
  
  ac2b4fd3a971be79ef996c8659f34774f86be0020c253e29e617903cf2f50a551ea069428211a04ab88cb1ef179383d0cc6c17a3bb69fdd62a088b3d637c5b98
- SSDEEP
  
  3072:pDKW1LgppLRHMY0TBfJvjcTp5XZpa8nqeo7Qbeues6Y:pDKW1Lgbdl0TBBvjc/S81Sues
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdropperevasiontrojan

behavioral2

healerdropperevasiontrojan

© 2018-2024

Terms | Privacy