healer | 86aaf5c6d98282a31b5a95782dec5ba86e59d16aac4c471f949b4cff481a491c | Triage

Submit
Reports

Overview

overview

Static

static

3

86aaf5c6d9...cN.exe

windows7-x64

86aaf5c6d9...cN.exe

windows10-2004-x64

Sharing

General

Target

86aaf5c6d98282a31b5a95782dec5ba86e59d16aac4c471f949b4cff481a491cN.exe
Size

259KB
Sample

241119-n2j6fswfkk
MD5

86ad93a30584ca04c0d11d2c6ccfdec0
SHA1

7abc87b8b68f137a85ff28823e18bd3f531b993f
SHA256

86aaf5c6d98282a31b5a95782dec5ba86e59d16aac4c471f949b4cff481a491c
SHA512

c5bd2324dc7fb82853053378f31147042dbf4b081c0f959178096607cde02e182c08fca5c6e763c13f5f50b06bb212d11608d0e371cdb6d3069941dd264e1c27
SSDEEP

3072:5SJt67RjPlj9zYyD9eysjjA/I/ap77EFSSSLKQD7rWB5Km+j:Wt67RjPlj+yAysfA/Om77EfSdxm+

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

86aaf5c6d98282a31b5a95782dec5ba86e59d16aac4c471f949b4cff481a491cN.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

86aaf5c6d98282a31b5a95782dec5ba86e59d16aac4c471f949b4cff481a491cN.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  86aaf5c6d98282a31b5a95782dec5ba86e59d16aac4c471f949b4cff481a491cN.exe
- Size
  
  259KB
- MD5
  
  86ad93a30584ca04c0d11d2c6ccfdec0
- SHA1
  
  7abc87b8b68f137a85ff28823e18bd3f531b993f
- SHA256
  
  86aaf5c6d98282a31b5a95782dec5ba86e59d16aac4c471f949b4cff481a491c
- SHA512
  
  c5bd2324dc7fb82853053378f31147042dbf4b081c0f959178096607cde02e182c08fca5c6e763c13f5f50b06bb212d11608d0e371cdb6d3069941dd264e1c27
- SSDEEP
  
  3072:5SJt67RjPlj9zYyD9eysjjA/I/ap77EFSSSLKQD7rWB5Km+j:Wt67RjPlj+yAysfA/Om77EfSdxm+
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy