healer | ba210005a00423b805dae271604e4318cbbc404a2673a9aa2ddd95b948b31df6 | Triage

Submit
Reports

Overview

overview

Static

static

3

ba210005a0...6N.exe

windows7-x64

ba210005a0...6N.exe

windows10-2004-x64

Sharing

General

Target

ba210005a00423b805dae271604e4318cbbc404a2673a9aa2ddd95b948b31df6N.exe
Size

277KB
Sample

241118-yeyqfathnp
MD5

b90b5a92501cd9bf39735dbb50198340
SHA1

060d4e0f905a76169efd8e815135994763b4e0bc
SHA256

ba210005a00423b805dae271604e4318cbbc404a2673a9aa2ddd95b948b31df6
SHA512

b8f077a2377399657bcf466403a9d5efc92ae86a9989978ca3c3e6d9fce425f9ab2824df1e48b544506f0d65e50aa5021c296bce701f0b168d88c315b615925e
SSDEEP

3072:Fh+tAUHXSwntx7nmciFYMI8mU90fy2ME0n/gJCYbBUlvWN5/sBOwYPDpJKJRfyI:mxSeMFYtMz/ghU52sBXYPDWJ

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ba210005a00423b805dae271604e4318cbbc404a2673a9aa2ddd95b948b31df6N.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

ba210005a00423b805dae271604e4318cbbc404a2673a9aa2ddd95b948b31df6N.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  ba210005a00423b805dae271604e4318cbbc404a2673a9aa2ddd95b948b31df6N.exe
- Size
  
  277KB
- MD5
  
  b90b5a92501cd9bf39735dbb50198340
- SHA1
  
  060d4e0f905a76169efd8e815135994763b4e0bc
- SHA256
  
  ba210005a00423b805dae271604e4318cbbc404a2673a9aa2ddd95b948b31df6
- SHA512
  
  b8f077a2377399657bcf466403a9d5efc92ae86a9989978ca3c3e6d9fce425f9ab2824df1e48b544506f0d65e50aa5021c296bce701f0b168d88c315b615925e
- SSDEEP
  
  3072:Fh+tAUHXSwntx7nmciFYMI8mU90fy2ME0n/gJCYbBUlvWN5/sBOwYPDpJKJRfyI:mxSeMFYtMz/ghU52sBXYPDWJ
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy