healer | 05d8c8154154d937ca1c43641f6e0cad6454fc7defc7541bdcaca7ef0959a776 | Triage

Submit
Reports

Overview

overview

Static

static

3

05d8c81541...6N.exe

windows7-x64

05d8c81541...6N.exe

windows10-2004-x64

Sharing

General

Target

05d8c8154154d937ca1c43641f6e0cad6454fc7defc7541bdcaca7ef0959a776N.exe
Size

258KB
Sample

241119-ny4exszrdm
MD5

94870aeebbc93bad5a0cf510c9e778b0
SHA1

88bf238806394f45a09575d03aaf8c426ceb11e8
SHA256

05d8c8154154d937ca1c43641f6e0cad6454fc7defc7541bdcaca7ef0959a776
SHA512

a1dc39a56fb593c6c7bb612cee4e9244065c5207a34f3a474cf6ea9e255ba351a13080d72bc9cd31ae7a7f8218ab0d596e0368a92dfea197de17f048aaf47e6b
SSDEEP

6144:XMFCss+TDjn5CtgIgYTNrFh/KTFgMpogHk:XXss0xbIgYTNrD6qM9

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

05d8c8154154d937ca1c43641f6e0cad6454fc7defc7541bdcaca7ef0959a776N.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

05d8c8154154d937ca1c43641f6e0cad6454fc7defc7541bdcaca7ef0959a776N.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  05d8c8154154d937ca1c43641f6e0cad6454fc7defc7541bdcaca7ef0959a776N.exe
- Size
  
  258KB
- MD5
  
  94870aeebbc93bad5a0cf510c9e778b0
- SHA1
  
  88bf238806394f45a09575d03aaf8c426ceb11e8
- SHA256
  
  05d8c8154154d937ca1c43641f6e0cad6454fc7defc7541bdcaca7ef0959a776
- SHA512
  
  a1dc39a56fb593c6c7bb612cee4e9244065c5207a34f3a474cf6ea9e255ba351a13080d72bc9cd31ae7a7f8218ab0d596e0368a92dfea197de17f048aaf47e6b
- SSDEEP
  
  6144:XMFCss+TDjn5CtgIgYTNrFh/KTFgMpogHk:XXss0xbIgYTNrD6qM9
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy