healer | 366f1f7c4efd91190d7a9b3f3c7d3106030dae1047d4f217f83da26577ab61d3 | Triage

Submit
Reports

Overview

overview

Static

static

3

366f1f7c4e...d3.exe

windows7-x64

366f1f7c4e...d3.exe

windows10-2004-x64

Sharing

General

Target

366f1f7c4efd91190d7a9b3f3c7d3106030dae1047d4f217f83da26577ab61d3.exe
Size

278KB
Sample

241119-x6yn3s1bjg
MD5

52ad91b009835bbe61ca0e3bcdc19ef2
SHA1

e027b30742d78b4d3bbe968134f425a9e8035efa
SHA256

366f1f7c4efd91190d7a9b3f3c7d3106030dae1047d4f217f83da26577ab61d3
SHA512

62bf7ffd78b6fa27c81590803d86422e44c03f4840a83c29f2ed0b0ebef61bd8100ab4e225cad2a56299499ccf33e7a88b6f022de0cccd84c3e07c3a216d342f
SSDEEP

3072:BASRWb/xZGHgBOufTqty6td/JpXDLwvlFgNIHeI5nDiLdO4lb5p5fpDwYPDpJKJs:xwGlATSdXgbcM5n+LY4l9pcYPDWJhO

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

366f1f7c4efd91190d7a9b3f3c7d3106030dae1047d4f217f83da26577ab61d3.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

366f1f7c4efd91190d7a9b3f3c7d3106030dae1047d4f217f83da26577ab61d3.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  366f1f7c4efd91190d7a9b3f3c7d3106030dae1047d4f217f83da26577ab61d3.exe
- Size
  
  278KB
- MD5
  
  52ad91b009835bbe61ca0e3bcdc19ef2
- SHA1
  
  e027b30742d78b4d3bbe968134f425a9e8035efa
- SHA256
  
  366f1f7c4efd91190d7a9b3f3c7d3106030dae1047d4f217f83da26577ab61d3
- SHA512
  
  62bf7ffd78b6fa27c81590803d86422e44c03f4840a83c29f2ed0b0ebef61bd8100ab4e225cad2a56299499ccf33e7a88b6f022de0cccd84c3e07c3a216d342f
- SSDEEP
  
  3072:BASRWb/xZGHgBOufTqty6td/JpXDLwvlFgNIHeI5nDiLdO4lb5p5fpDwYPDpJKJs:xwGlATSdXgbcM5n+LY4l9pcYPDWJhO
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2024

Terms | Privacy