healer | d0b4139b8fa3702d8983c59e351e7e8e6a10143a1d56060f160bd360fc6e542d | Triage

Submit
Reports

Overview

overview

Static

static

3

d0b4139b8f...dN.exe

windows7-x64

d0b4139b8f...dN.exe

windows10-2004-x64

Sharing

General

Target

d0b4139b8fa3702d8983c59e351e7e8e6a10143a1d56060f160bd360fc6e542dN.exe
Size

180KB
Sample

241124-k7g2hatkbt
MD5

180b5ef268828e54e8b02c51b05664b0
SHA1

da8b2d9a954ba4f78b401632e9118f78a8b2e968
SHA256

d0b4139b8fa3702d8983c59e351e7e8e6a10143a1d56060f160bd360fc6e542d
SHA512

61c8b01090fa302d3a8d3d6a6e42ecc8a2744fc6b93860960ebebfeb025e1e3606adca7903854f94cd54f726cacb327ea6e6eb79d6dbf2d82e07f93cd2372d85
SSDEEP

3072:pDKW1LgppLRHMY0TBfJvjcTp5XZpa8nqeo7Qbeues6Y:pDKW1Lgbdl0TBBvjc/S81Sues

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d0b4139b8fa3702d8983c59e351e7e8e6a10143a1d56060f160bd360fc6e542dN.exe

Resource

win7-20240903-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

d0b4139b8fa3702d8983c59e351e7e8e6a10143a1d56060f160bd360fc6e542dN.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  d0b4139b8fa3702d8983c59e351e7e8e6a10143a1d56060f160bd360fc6e542dN.exe
- Size
  
  180KB
- MD5
  
  180b5ef268828e54e8b02c51b05664b0
- SHA1
  
  da8b2d9a954ba4f78b401632e9118f78a8b2e968
- SHA256
  
  d0b4139b8fa3702d8983c59e351e7e8e6a10143a1d56060f160bd360fc6e542d
- SHA512
  
  61c8b01090fa302d3a8d3d6a6e42ecc8a2744fc6b93860960ebebfeb025e1e3606adca7903854f94cd54f726cacb327ea6e6eb79d6dbf2d82e07f93cd2372d85
- SSDEEP
  
  3072:pDKW1LgppLRHMY0TBfJvjcTp5XZpa8nqeo7Qbeues6Y:pDKW1Lgbdl0TBBvjc/S81Sues
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy