healer | 1763acb6e05e250186c6d261c222b86f3bb7aa16fb093c7f8408ca89716e4d48 | Triage

Submit
Reports

Overview

overview

Static

static

3

1763acb6e0...48.exe

windows7-x64

1763acb6e0...48.exe

windows10-2004-x64

Sharing

General

Target

1763acb6e05e250186c6d261c222b86f3bb7aa16fb093c7f8408ca89716e4d48.exe
Size

295KB
Sample

241119-cdg6eaymgt
MD5

87ee3d83fd38699ef1d5af5e6fe5ec6d
SHA1

349ffc0add2aea4e3c73dd333bc11b2aef95f629
SHA256

1763acb6e05e250186c6d261c222b86f3bb7aa16fb093c7f8408ca89716e4d48
SHA512

9d502873e94a6543ecfe9916d5abd68b1de3bbaa7c53a96e86b8853085a4f3006b61a447837b35acd9a424813dabd31c5b923d58d3d7af1cda377d8a50c45435
SSDEEP

3072:SZ7HjoCTZXT3uq7AmjWCXeZeHhVURa7sMc+Z+pBAkKtrrmJ4DQENIv8kc8+c0bJe:iFdruq7om2a7sHlWtrHDQGIv8kc8ex0

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1763acb6e05e250186c6d261c222b86f3bb7aa16fb093c7f8408ca89716e4d48.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

1763acb6e05e250186c6d261c222b86f3bb7aa16fb093c7f8408ca89716e4d48.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  1763acb6e05e250186c6d261c222b86f3bb7aa16fb093c7f8408ca89716e4d48.exe
- Size
  
  295KB
- MD5
  
  87ee3d83fd38699ef1d5af5e6fe5ec6d
- SHA1
  
  349ffc0add2aea4e3c73dd333bc11b2aef95f629
- SHA256
  
  1763acb6e05e250186c6d261c222b86f3bb7aa16fb093c7f8408ca89716e4d48
- SHA512
  
  9d502873e94a6543ecfe9916d5abd68b1de3bbaa7c53a96e86b8853085a4f3006b61a447837b35acd9a424813dabd31c5b923d58d3d7af1cda377d8a50c45435
- SSDEEP
  
  3072:SZ7HjoCTZXT3uq7AmjWCXeZeHhVURa7sMc+Z+pBAkKtrrmJ4DQENIv8kc8+c0bJe:iFdruq7om2a7sHlWtrHDQGIv8kc8ex0
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy