healer | 928fd8173439addcd4f61b2835214506198277d69203924afc7d691b718108dd | Triage

Submit
Reports

Overview

overview

Static

static

3

928fd81734...dd.exe

windows7-x64

928fd81734...dd.exe

windows10-2004-x64

Sharing

General

Target

928fd8173439addcd4f61b2835214506198277d69203924afc7d691b718108dd.exe
Size

278KB
Sample

241118-wdwtca1gpc
MD5

5183917c160dc62d8eae8ba9a295f59b
SHA1

17adf63356f7f652c680b719e51afa194336c2fd
SHA256

928fd8173439addcd4f61b2835214506198277d69203924afc7d691b718108dd
SHA512

968771675489a17908c969e1bf23e2b4dfac51cd0b86b282a7dad65fa863cefece3f045696c767a5c8447fba9771b8e742c2866c21ce9f84a62b2909d37634f0
SSDEEP

3072:KyheYR2v9yICes6/nef3IxYhxU3NMNhHXJvXxfRzLNNLxMv4R66z5Lba9jk4/owm:hveyIOn4xwGch3VxfRTxc4pbQg4/ve7F

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

928fd8173439addcd4f61b2835214506198277d69203924afc7d691b718108dd.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

928fd8173439addcd4f61b2835214506198277d69203924afc7d691b718108dd.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  928fd8173439addcd4f61b2835214506198277d69203924afc7d691b718108dd.exe
- Size
  
  278KB
- MD5
  
  5183917c160dc62d8eae8ba9a295f59b
- SHA1
  
  17adf63356f7f652c680b719e51afa194336c2fd
- SHA256
  
  928fd8173439addcd4f61b2835214506198277d69203924afc7d691b718108dd
- SHA512
  
  968771675489a17908c969e1bf23e2b4dfac51cd0b86b282a7dad65fa863cefece3f045696c767a5c8447fba9771b8e742c2866c21ce9f84a62b2909d37634f0
- SSDEEP
  
  3072:KyheYR2v9yICes6/nef3IxYhxU3NMNhHXJvXxfRzLNNLxMv4R66z5Lba9jk4/owm:hveyIOn4xwGch3VxfRTxc4pbQg4/ve7F
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy