healer | c80a7c9f711f25d6618ba385dde2515313acfe1b573bec067b0cc8a5f0453f0d | Triage

Submit
Reports

Overview

overview

Static

static

3

c80a7c9f71...dN.exe

windows7-x64

c80a7c9f71...dN.exe

windows10-2004-x64

Sharing

General

Target

c80a7c9f711f25d6618ba385dde2515313acfe1b573bec067b0cc8a5f0453f0dN.exe
Size

295KB
Sample

241119-er876a1bqq
MD5

02a8d30e926df56a9cb8a5858dc3dd30
SHA1

cd379b7a853f2c538a62b3af6ec27b11fb9f952e
SHA256

c80a7c9f711f25d6618ba385dde2515313acfe1b573bec067b0cc8a5f0453f0d
SHA512

9450782815243b353dd4989064f86b2ea07c8f42df8f28917a020605ce8d1bb64113daf6b8897436d8f1393ae1b74f48f4b525476a30760c509f407104bac0e6
SSDEEP

3072:SZ7HjoCTZXT3uq7AmjWCXeZeHhVURa7sMc+Z+pBAkKtrrmJ4DQENIv8kc8+c0bJf:iFdruq7om2a7sHlWtrHDQGIv8kc8ex

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c80a7c9f711f25d6618ba385dde2515313acfe1b573bec067b0cc8a5f0453f0dN.exe

Resource

win7-20241010-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

c80a7c9f711f25d6618ba385dde2515313acfe1b573bec067b0cc8a5f0453f0dN.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  c80a7c9f711f25d6618ba385dde2515313acfe1b573bec067b0cc8a5f0453f0dN.exe
- Size
  
  295KB
- MD5
  
  02a8d30e926df56a9cb8a5858dc3dd30
- SHA1
  
  cd379b7a853f2c538a62b3af6ec27b11fb9f952e
- SHA256
  
  c80a7c9f711f25d6618ba385dde2515313acfe1b573bec067b0cc8a5f0453f0d
- SHA512
  
  9450782815243b353dd4989064f86b2ea07c8f42df8f28917a020605ce8d1bb64113daf6b8897436d8f1393ae1b74f48f4b525476a30760c509f407104bac0e6
- SSDEEP
  
  3072:SZ7HjoCTZXT3uq7AmjWCXeZeHhVURa7sMc+Z+pBAkKtrrmJ4DQENIv8kc8+c0bJf:iFdruq7om2a7sHlWtrHDQGIv8kc8ex
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy