healer | 61fc5ac4e966aab5dc63c208c78bb9ce9e7ac2f9dad4a5ba8ed7bfa40fec6edd | Triage

Submit
Reports

Overview

overview

Static

static

3

61fc5ac4e9...dN.exe

windows7-x64

61fc5ac4e9...dN.exe

windows10-2004-x64

Sharing

General

Target

61fc5ac4e966aab5dc63c208c78bb9ce9e7ac2f9dad4a5ba8ed7bfa40fec6eddN.exe
Size

403KB
Sample

241118-le6ptstjhs
MD5

25a18f0193a33f31988bcbc763b79e20
SHA1

12958812f51f9d370031bcf51b8002b2b14019d2
SHA256

61fc5ac4e966aab5dc63c208c78bb9ce9e7ac2f9dad4a5ba8ed7bfa40fec6edd
SHA512

f62343733a3c0e0140e2639667df3002f3aa7435c6a3f1a75d7ca8fc36e0f964d5e3fd9d492f474da85d22a490e5abf36349d8ec30bbaa97ef20b67400ff069e
SSDEEP

6144:mvZ5XmI725dNJA7pDOE5qd4zgjWdmjUr0eAM/hsqIb3eGtyrUiWIv:mxFmUWdNJAAE8dcgjCmjUrbs79yUipv

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

61fc5ac4e966aab5dc63c208c78bb9ce9e7ac2f9dad4a5ba8ed7bfa40fec6eddN.exe

Resource

win7-20241010-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

61fc5ac4e966aab5dc63c208c78bb9ce9e7ac2f9dad4a5ba8ed7bfa40fec6eddN.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  61fc5ac4e966aab5dc63c208c78bb9ce9e7ac2f9dad4a5ba8ed7bfa40fec6eddN.exe
- Size
  
  403KB
- MD5
  
  25a18f0193a33f31988bcbc763b79e20
- SHA1
  
  12958812f51f9d370031bcf51b8002b2b14019d2
- SHA256
  
  61fc5ac4e966aab5dc63c208c78bb9ce9e7ac2f9dad4a5ba8ed7bfa40fec6edd
- SHA512
  
  f62343733a3c0e0140e2639667df3002f3aa7435c6a3f1a75d7ca8fc36e0f964d5e3fd9d492f474da85d22a490e5abf36349d8ec30bbaa97ef20b67400ff069e
- SSDEEP
  
  6144:mvZ5XmI725dNJA7pDOE5qd4zgjWdmjUr0eAM/hsqIb3eGtyrUiWIv:mxFmUWdNJAAE8dcgjCmjUrbs79yUipv
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy