healer | 243cdbf014b09d62769f21e99e0f061df5c669a42ef381a64996fc80749047ca | Triage

Submit
Reports

Overview

overview

Static

static

3

243cdbf014...ca.exe

windows7-x64

243cdbf014...ca.exe

windows10-2004-x64

Sharing

General

Target

243cdbf014b09d62769f21e99e0f061df5c669a42ef381a64996fc80749047ca.exe
Size

277KB
Sample

241118-sjh8naynfy
MD5

4ed71d217aad08672c1bc3948182d153
SHA1

0c69496ed3a8c099d6e17e67b2e482e46d95a77b
SHA256

243cdbf014b09d62769f21e99e0f061df5c669a42ef381a64996fc80749047ca
SHA512

b52bdfa7d00d5a9822fe1e971cd3fd00d6fce79747f3559fee4265b54ab5cd8d4ab75715016917e44cc693ba46dc820003eff61a11abb885763270785cee0684
SSDEEP

3072:4A+sgUHniUYJ+vYaFpYpE86BSkuIo2RX+SnsK+MEANDlN6qOncZuH5/vJwYPDpJP:nBM+vJ8NHIpz5pDQOupv2YPDWJ2

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

243cdbf014b09d62769f21e99e0f061df5c669a42ef381a64996fc80749047ca.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

243cdbf014b09d62769f21e99e0f061df5c669a42ef381a64996fc80749047ca.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  243cdbf014b09d62769f21e99e0f061df5c669a42ef381a64996fc80749047ca.exe
- Size
  
  277KB
- MD5
  
  4ed71d217aad08672c1bc3948182d153
- SHA1
  
  0c69496ed3a8c099d6e17e67b2e482e46d95a77b
- SHA256
  
  243cdbf014b09d62769f21e99e0f061df5c669a42ef381a64996fc80749047ca
- SHA512
  
  b52bdfa7d00d5a9822fe1e971cd3fd00d6fce79747f3559fee4265b54ab5cd8d4ab75715016917e44cc693ba46dc820003eff61a11abb885763270785cee0684
- SSDEEP
  
  3072:4A+sgUHniUYJ+vYaFpYpE86BSkuIo2RX+SnsK+MEANDlN6qOncZuH5/vJwYPDpJP:nBM+vJ8NHIpz5pDQOupv2YPDWJ2
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy