healer | 32b4960fc0149d34a1352a9fd2cdd3bdc88691908644fa477646817617ceb6cd | Triage

Submit
Reports

Overview

overview

Static

static

3

32b4960fc0...cd.exe

windows7-x64

32b4960fc0...cd.exe

windows10-2004-x64

Sharing

General

Target

32b4960fc0149d34a1352a9fd2cdd3bdc88691908644fa477646817617ceb6cd
Size

403KB
Sample

240527-jqpvcach9w
MD5

587836f85c22ef84c73ab53f38fdfadc
SHA1

ace7921fbf7745a7698a957fcbf0177c80a3fac8
SHA256

32b4960fc0149d34a1352a9fd2cdd3bdc88691908644fa477646817617ceb6cd
SHA512

fe0f06bc7db5b5c005d2815f5fcd599708f257c7f669f1f3edb51dc0a3ba031396961eb3768c5c5f31139845d74ce0d7071a3a209a3e08f57855bf69f0e1f5a5
SSDEEP

6144:4VaWw7kqYDOfOwABVIiXSAn1em15X9gIieE0bbtbt:4VaX7LYKfNAMiXqAtgyEqbt

Score

10^/10

healer dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

32b4960fc0149d34a1352a9fd2cdd3bdc88691908644fa477646817617ceb6cd.exe

Resource

win7-20240508-en

healer dropper evasion trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

32b4960fc0149d34a1352a9fd2cdd3bdc88691908644fa477646817617ceb6cd.exe

Resource

win10v2004-20240508-en

healer dropper evasion trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  32b4960fc0149d34a1352a9fd2cdd3bdc88691908644fa477646817617ceb6cd
- Size
  
  403KB
- MD5
  
  587836f85c22ef84c73ab53f38fdfadc
- SHA1
  
  ace7921fbf7745a7698a957fcbf0177c80a3fac8
- SHA256
  
  32b4960fc0149d34a1352a9fd2cdd3bdc88691908644fa477646817617ceb6cd
- SHA512
  
  fe0f06bc7db5b5c005d2815f5fcd599708f257c7f669f1f3edb51dc0a3ba031396961eb3768c5c5f31139845d74ce0d7071a3a209a3e08f57855bf69f0e1f5a5
- SSDEEP
  
  6144:4VaWw7kqYDOfOwABVIiXSAn1em15X9gIieE0bbtbt:4VaX7LYKfNAMiXqAtgyEqbt
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Impair Defenses

Disable or Modify Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

healerdropperevasiontrojan

behavioral2

healerdropperevasiontrojan

© 2018-2024

Terms | Privacy