healer | 85509f5fc5e430b6e4beb1b0e99b97072d8d8c3efc267f3635abd5fa9176828f | Triage

Submit
Reports

Overview

overview

Static

static

3

85509f5fc5...fN.exe

windows7-x64

85509f5fc5...fN.exe

windows10-2004-x64

Sharing

General

Target

85509f5fc5e430b6e4beb1b0e99b97072d8d8c3efc267f3635abd5fa9176828fN.exe
Size

404KB
Sample

241118-2pks4swhne
MD5

113b9d0c198d357f3f4538688bd71d20
SHA1

35003f01890964c277d0c7c206dd8c9a31252d47
SHA256

85509f5fc5e430b6e4beb1b0e99b97072d8d8c3efc267f3635abd5fa9176828f
SHA512

13c338790514236469a502d81d3845c4fa1fd79ab4fd517a156c17fc8bb81f035b240c66d183712cf0a9a9979ea5c67bd8c950c99e67fa1c9ee08dac3a775bc0
SSDEEP

6144:XHZ9m88WiOH0/enY6gVJvdg0t59tO3tGoibkrL/1NUEP/b1Iv:X5486OH0/eAVX1Q3EkrDnTbGv

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

85509f5fc5e430b6e4beb1b0e99b97072d8d8c3efc267f3635abd5fa9176828fN.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

85509f5fc5e430b6e4beb1b0e99b97072d8d8c3efc267f3635abd5fa9176828fN.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  85509f5fc5e430b6e4beb1b0e99b97072d8d8c3efc267f3635abd5fa9176828fN.exe
- Size
  
  404KB
- MD5
  
  113b9d0c198d357f3f4538688bd71d20
- SHA1
  
  35003f01890964c277d0c7c206dd8c9a31252d47
- SHA256
  
  85509f5fc5e430b6e4beb1b0e99b97072d8d8c3efc267f3635abd5fa9176828f
- SHA512
  
  13c338790514236469a502d81d3845c4fa1fd79ab4fd517a156c17fc8bb81f035b240c66d183712cf0a9a9979ea5c67bd8c950c99e67fa1c9ee08dac3a775bc0
- SSDEEP
  
  6144:XHZ9m88WiOH0/enY6gVJvdg0t59tO3tGoibkrL/1NUEP/b1Iv:X5486OH0/eAVX1Q3EkrDnTbGv
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy