healer | cfd1a7972df4011417a5c29b1008f43f7ce47a12f40edbbaebaed968a2c5c578 | Triage

Submit
Reports

Overview

overview

Static

static

3

cfd1a7972d...78.exe

windows7-x64

cfd1a7972d...78.exe

windows10-2004-x64

Sharing

General

Target

cfd1a7972df4011417a5c29b1008f43f7ce47a12f40edbbaebaed968a2c5c578.exe
Size

403KB
Sample

241118-qn4ztaxdje
MD5

43da1f54fdfde378c4fba5c8270310c5
SHA1

1ea3a71c15e189705d756d18b2ee6e0355a882d3
SHA256

cfd1a7972df4011417a5c29b1008f43f7ce47a12f40edbbaebaed968a2c5c578
SHA512

58f2624bb8d118a1a12b4b7c5196f651acd04f739a50e9f53e70048896f32b13772fbc5389d678f0b217f993458c38198b1f5c67fda4a5963b1fd7aa6605d397
SSDEEP

6144:w7w/PZV2ercTNwDTnfXbnPymRg85RuP6uKGdgXWdVXnKZIvH:w7iZEeSNaTnPzPs85RGndVXKKvH

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cfd1a7972df4011417a5c29b1008f43f7ce47a12f40edbbaebaed968a2c5c578.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

cfd1a7972df4011417a5c29b1008f43f7ce47a12f40edbbaebaed968a2c5c578.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  cfd1a7972df4011417a5c29b1008f43f7ce47a12f40edbbaebaed968a2c5c578.exe
- Size
  
  403KB
- MD5
  
  43da1f54fdfde378c4fba5c8270310c5
- SHA1
  
  1ea3a71c15e189705d756d18b2ee6e0355a882d3
- SHA256
  
  cfd1a7972df4011417a5c29b1008f43f7ce47a12f40edbbaebaed968a2c5c578
- SHA512
  
  58f2624bb8d118a1a12b4b7c5196f651acd04f739a50e9f53e70048896f32b13772fbc5389d678f0b217f993458c38198b1f5c67fda4a5963b1fd7aa6605d397
- SSDEEP
  
  6144:w7w/PZV2ercTNwDTnfXbnPymRg85RuP6uKGdgXWdVXnKZIvH:w7iZEeSNaTnPzPs85RGndVXKKvH
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy