healer | 8dd91b90ec4b5689ea03b7cba721830b75c4cc189522db8f709a7be212c7514e | Triage

Submit
Reports

Overview

overview

Static

static

3

8dd91b90ec...4e.exe

windows7-x64

8dd91b90ec...4e.exe

windows10-2004-x64

Sharing

General

Target

8dd91b90ec4b5689ea03b7cba721830b75c4cc189522db8f709a7be212c7514e.exe
Size

403KB
Sample

241124-cf7tvaykew
MD5

98f3b675903a16080c1caad60435b530
SHA1

e3e16b06497783c71e4dc2b505c0acb48c401e4e
SHA256

8dd91b90ec4b5689ea03b7cba721830b75c4cc189522db8f709a7be212c7514e
SHA512

5d58255016141721e6ae01fbc47f74e732af477749cc1a473b98ee12f4aade035cfa39eec0733b59563378ae9178d09bb3b4380038be1fc7773a5bd5e11da31b
SSDEEP

6144:jiC2QvaTFUn6Q6wkkW2qXpc5Ns0ldFE2wBMgKEGKtJuv8CT9mBCmRe:jizQvOF5Q6wkk3ypeldFEJdKyuxwbe

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8dd91b90ec4b5689ea03b7cba721830b75c4cc189522db8f709a7be212c7514e.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

8dd91b90ec4b5689ea03b7cba721830b75c4cc189522db8f709a7be212c7514e.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  8dd91b90ec4b5689ea03b7cba721830b75c4cc189522db8f709a7be212c7514e.exe
- Size
  
  403KB
- MD5
  
  98f3b675903a16080c1caad60435b530
- SHA1
  
  e3e16b06497783c71e4dc2b505c0acb48c401e4e
- SHA256
  
  8dd91b90ec4b5689ea03b7cba721830b75c4cc189522db8f709a7be212c7514e
- SHA512
  
  5d58255016141721e6ae01fbc47f74e732af477749cc1a473b98ee12f4aade035cfa39eec0733b59563378ae9178d09bb3b4380038be1fc7773a5bd5e11da31b
- SSDEEP
  
  6144:jiC2QvaTFUn6Q6wkkW2qXpc5Ns0ldFE2wBMgKEGKtJuv8CT9mBCmRe:jizQvOF5Q6wkk3ypeldFEJdKyuxwbe
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy