healer | e4d6c23cfa2d5df540429e5b9221d9581872db5f36fbe4f9a9abd364c9a7797b | Triage

Submit
Reports

Overview

overview

Static

static

3

e4d6c23cfa...7b.exe

windows7-x64

e4d6c23cfa...7b.exe

windows10-2004-x64

Sharing

General

Target

e4d6c23cfa2d5df540429e5b9221d9581872db5f36fbe4f9a9abd364c9a7797b.exe
Size

404KB
Sample

241118-xhx3mssfng
MD5

202b18f7450f1355aee485f9d78da995
SHA1

395cf8b975612282bb0ebde4d316e0ce717fcb1a
SHA256

e4d6c23cfa2d5df540429e5b9221d9581872db5f36fbe4f9a9abd364c9a7797b
SHA512

9ec6b433b43e105a8932c88a0d7f01dffa0a22276a2d49d5afa56e8b333aa43a379b80e73ec095f383a560000af31e1dab28a92ee10bff68dbaf061ed127c3fe
SSDEEP

6144:9HZ9m88WiOH0/enY6gVJvdg0t59tO3tGoibkrL/1NUEP/b1Ivs:95486OH0/eAVX1Q3EkrDnTbGvs

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e4d6c23cfa2d5df540429e5b9221d9581872db5f36fbe4f9a9abd364c9a7797b.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

e4d6c23cfa2d5df540429e5b9221d9581872db5f36fbe4f9a9abd364c9a7797b.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  e4d6c23cfa2d5df540429e5b9221d9581872db5f36fbe4f9a9abd364c9a7797b.exe
- Size
  
  404KB
- MD5
  
  202b18f7450f1355aee485f9d78da995
- SHA1
  
  395cf8b975612282bb0ebde4d316e0ce717fcb1a
- SHA256
  
  e4d6c23cfa2d5df540429e5b9221d9581872db5f36fbe4f9a9abd364c9a7797b
- SHA512
  
  9ec6b433b43e105a8932c88a0d7f01dffa0a22276a2d49d5afa56e8b333aa43a379b80e73ec095f383a560000af31e1dab28a92ee10bff68dbaf061ed127c3fe
- SSDEEP
  
  6144:9HZ9m88WiOH0/enY6gVJvdg0t59tO3tGoibkrL/1NUEP/b1Ivs:95486OH0/eAVX1Q3EkrDnTbGvs
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy