healer | cf8aaaf5965e40b0372a001fc1bd533d3d5352cadffdd2cabe98d9159380c1d0 | Triage

Submit
Reports

Overview

overview

Static

static

3

cf8aaaf596...0N.exe

windows7-x64

cf8aaaf596...0N.exe

windows10-2004-x64

Sharing

General

Target

cf8aaaf5965e40b0372a001fc1bd533d3d5352cadffdd2cabe98d9159380c1d0N.exe
Size

278KB
Sample

241118-3kqdgaxmfw
MD5

24971510194749bc7c05923b3318b660
SHA1

25e0e2d4f0375052a56dda21a9e30f445e44637f
SHA256

cf8aaaf5965e40b0372a001fc1bd533d3d5352cadffdd2cabe98d9159380c1d0
SHA512

a9a4cc6f49c882cd446a5d0b88cb810d944cfaa0ca1d5e5b624cc388cc100dc516c1db2f20d6f19e97333327c1892beda7acc77560702cfe8935021dd6dc2b8b
SSDEEP

6144:cNIJ3MazNfq29XULVwGx/g6Fm/UNWng4/ve:cqzNfdkLSwl1No

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cf8aaaf5965e40b0372a001fc1bd533d3d5352cadffdd2cabe98d9159380c1d0N.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

cf8aaaf5965e40b0372a001fc1bd533d3d5352cadffdd2cabe98d9159380c1d0N.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  cf8aaaf5965e40b0372a001fc1bd533d3d5352cadffdd2cabe98d9159380c1d0N.exe
- Size
  
  278KB
- MD5
  
  24971510194749bc7c05923b3318b660
- SHA1
  
  25e0e2d4f0375052a56dda21a9e30f445e44637f
- SHA256
  
  cf8aaaf5965e40b0372a001fc1bd533d3d5352cadffdd2cabe98d9159380c1d0
- SHA512
  
  a9a4cc6f49c882cd446a5d0b88cb810d944cfaa0ca1d5e5b624cc388cc100dc516c1db2f20d6f19e97333327c1892beda7acc77560702cfe8935021dd6dc2b8b
- SSDEEP
  
  6144:cNIJ3MazNfq29XULVwGx/g6Fm/UNWng4/ve:cqzNfdkLSwl1No
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy