healer | 4c0ed304b717b052c38db152f22a91c922f1a575efbdd4665cb4a2e417e975d1 | Triage

Submit
Reports

Overview

overview

Static

static

3

4c0ed304b7...d1.exe

windows7-x64

4c0ed304b7...d1.exe

windows10-2004-x64

Sharing

General

Target

4c0ed304b717b052c38db152f22a91c922f1a575efbdd4665cb4a2e417e975d1
Size

389KB
Sample

241121-3gqj3azpfz
MD5

04a63b0662541361a091346ef9eac3f9
SHA1

7a1c6a2522928fb2e7d74630aee744d9285acc7a
SHA256

4c0ed304b717b052c38db152f22a91c922f1a575efbdd4665cb4a2e417e975d1
SHA512

51549c16bcd7c99d35b961ba6bfe592e63dacfb44bbdf97dd81c00f1fccd87460e1e141685b33a7dd565bec59c1a32bbf10e9f9b3f7e32653c42d72db87d5525
SSDEEP

6144:o8gbTmfTgUD8LHBlcEl/p9idpCWRiPC4MMPb4CSgAozS:ibSfT3D8LHzc+/g8QiPBmn

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4c0ed304b717b052c38db152f22a91c922f1a575efbdd4665cb4a2e417e975d1.exe

Resource

win7-20241010-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

4c0ed304b717b052c38db152f22a91c922f1a575efbdd4665cb4a2e417e975d1.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  4c0ed304b717b052c38db152f22a91c922f1a575efbdd4665cb4a2e417e975d1
- Size
  
  389KB
- MD5
  
  04a63b0662541361a091346ef9eac3f9
- SHA1
  
  7a1c6a2522928fb2e7d74630aee744d9285acc7a
- SHA256
  
  4c0ed304b717b052c38db152f22a91c922f1a575efbdd4665cb4a2e417e975d1
- SHA512
  
  51549c16bcd7c99d35b961ba6bfe592e63dacfb44bbdf97dd81c00f1fccd87460e1e141685b33a7dd565bec59c1a32bbf10e9f9b3f7e32653c42d72db87d5525
- SSDEEP
  
  6144:o8gbTmfTgUD8LHBlcEl/p9idpCWRiPC4MMPb4CSgAozS:ibSfT3D8LHzc+/g8QiPBmn
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy