healer | f4e3715687880cb998f369289b27c62082ad38dd48932bf2c7ffa616fdd35404 | Triage

Submit
Reports

Overview

overview

Static

static

3

f4e3715687...4N.exe

windows7-x64

f4e3715687...4N.exe

windows10-2004-x64

Sharing

General

Target

f4e3715687880cb998f369289b27c62082ad38dd48932bf2c7ffa616fdd35404N.exe
Size

259KB
Sample

241119-z5zwvstdpl
MD5

4cd12387cf8363e0204446a890a6ea90
SHA1

a99493a0e1c9985915c2fe402cc7f69197acd6a4
SHA256

f4e3715687880cb998f369289b27c62082ad38dd48932bf2c7ffa616fdd35404
SHA512

f6aedce91b4c2389a736407b165af0ab3146d7ed4068d1d242cbdfc6a0024ab18411e24ea43b88d52c930f9cfe69d693953eee4213ee6c3aec677b3c357e63ca
SSDEEP

3072:3nyJjH7+p2M33vNoQjiYKXfOqw+XQkK15+dL6FNYjtM5Kk89r0:34jH7ONoQO5XfRw+cEe4bk89

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f4e3715687880cb998f369289b27c62082ad38dd48932bf2c7ffa616fdd35404N.exe

Resource

win7-20240729-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

f4e3715687880cb998f369289b27c62082ad38dd48932bf2c7ffa616fdd35404N.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  f4e3715687880cb998f369289b27c62082ad38dd48932bf2c7ffa616fdd35404N.exe
- Size
  
  259KB
- MD5
  
  4cd12387cf8363e0204446a890a6ea90
- SHA1
  
  a99493a0e1c9985915c2fe402cc7f69197acd6a4
- SHA256
  
  f4e3715687880cb998f369289b27c62082ad38dd48932bf2c7ffa616fdd35404
- SHA512
  
  f6aedce91b4c2389a736407b165af0ab3146d7ed4068d1d242cbdfc6a0024ab18411e24ea43b88d52c930f9cfe69d693953eee4213ee6c3aec677b3c357e63ca
- SSDEEP
  
  3072:3nyJjH7+p2M33vNoQjiYKXfOqw+XQkK15+dL6FNYjtM5Kk89r0:34jH7ONoQO5XfRw+cEe4bk89
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2024

Terms | Privacy