healer | df9d171d8dfdcbd33cd6609dd344c56ece47e567dd75d9bc943f985f0e74aa02 | Triage

Submit
Reports

Overview

overview

Static

static

3

df9d171d8d...02.exe

windows7-x64

df9d171d8d...02.exe

windows10-2004-x64

Sharing

General

Target

df9d171d8dfdcbd33cd6609dd344c56ece47e567dd75d9bc943f985f0e74aa02
Size

278KB
Sample

241122-flpr1avlc1
MD5

ef8def67b785086a3ed5b16755d4bc06
SHA1

1f62f9e2ce9778834c95ce95ef408c98737dd7f0
SHA256

df9d171d8dfdcbd33cd6609dd344c56ece47e567dd75d9bc943f985f0e74aa02
SHA512

e4e89d75a286c23ecd72bd9bdcff5dd188a6715ee9286a71a10df3566d4043b7c566aa0be8061f67c520dc1bba9f68002c3cddec7bf68f713f50bac27bc0ac42
SSDEEP

6144:F+0nVm87ybKXEvFIUg0Ef/UX1Yzg4/ve:FHnVL4K0tIUREfc4

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

df9d171d8dfdcbd33cd6609dd344c56ece47e567dd75d9bc943f985f0e74aa02.exe

Resource

win7-20241010-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

df9d171d8dfdcbd33cd6609dd344c56ece47e567dd75d9bc943f985f0e74aa02.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  df9d171d8dfdcbd33cd6609dd344c56ece47e567dd75d9bc943f985f0e74aa02
- Size
  
  278KB
- MD5
  
  ef8def67b785086a3ed5b16755d4bc06
- SHA1
  
  1f62f9e2ce9778834c95ce95ef408c98737dd7f0
- SHA256
  
  df9d171d8dfdcbd33cd6609dd344c56ece47e567dd75d9bc943f985f0e74aa02
- SHA512
  
  e4e89d75a286c23ecd72bd9bdcff5dd188a6715ee9286a71a10df3566d4043b7c566aa0be8061f67c520dc1bba9f68002c3cddec7bf68f713f50bac27bc0ac42
- SSDEEP
  
  6144:F+0nVm87ybKXEvFIUg0Ef/UX1Yzg4/ve:FHnVL4K0tIUREfc4
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy