healer | dd5b3ed078d835b84ccce8dfb517d10125b9e0c4980095ae2ae9771853da24a8 | Triage

Submit
Reports

Overview

overview

Static

static

3

dd5b3ed078...8N.exe

windows7-x64

dd5b3ed078...8N.exe

windows10-2004-x64

Sharing

General

Target

dd5b3ed078d835b84ccce8dfb517d10125b9e0c4980095ae2ae9771853da24a8N.exe
Size

403KB
Sample

241119-rx9gbssjgm
MD5

c86e53a844c2be0c4b4e9e9d092b54a0
SHA1

cf5d3387f9eba2710ca643a3e24633e1f1140ab7
SHA256

dd5b3ed078d835b84ccce8dfb517d10125b9e0c4980095ae2ae9771853da24a8
SHA512

bdb6e0f79ad30dc0e784dcd1551e321e0b1b60a4203890a63cb7955e91ca58227378705a2b6a4e241c5ad0b90b44f518597339f485e8e23dcd5ce59ee9e42df1
SSDEEP

6144:A7w/PZV2ercTNwDTnfXbnPymRg85RuP6uKGdgXWdVXnKZIv:A7iZEeSNaTnPzPs85RGndVXKKv

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

dd5b3ed078d835b84ccce8dfb517d10125b9e0c4980095ae2ae9771853da24a8N.exe

Resource

win7-20240729-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

dd5b3ed078d835b84ccce8dfb517d10125b9e0c4980095ae2ae9771853da24a8N.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  dd5b3ed078d835b84ccce8dfb517d10125b9e0c4980095ae2ae9771853da24a8N.exe
- Size
  
  403KB
- MD5
  
  c86e53a844c2be0c4b4e9e9d092b54a0
- SHA1
  
  cf5d3387f9eba2710ca643a3e24633e1f1140ab7
- SHA256
  
  dd5b3ed078d835b84ccce8dfb517d10125b9e0c4980095ae2ae9771853da24a8
- SHA512
  
  bdb6e0f79ad30dc0e784dcd1551e321e0b1b60a4203890a63cb7955e91ca58227378705a2b6a4e241c5ad0b90b44f518597339f485e8e23dcd5ce59ee9e42df1
- SSDEEP
  
  6144:A7w/PZV2ercTNwDTnfXbnPymRg85RuP6uKGdgXWdVXnKZIv:A7iZEeSNaTnPzPs85RGndVXKKv
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy