healer | f59bc8ed4900f0b8bc794706f5113320f910265b5f308f474f731f0f68e36a16 | Triage

Submit
Reports

Overview

overview

Static

static

3

c98pD77.exe

windows7-x64

c98pD77.exe

windows10-2004-x64

Sharing

General

Target

c98pD77.exe
Size

226KB
Sample

241202-q19qtswkhx
MD5

ab28d859788ed341aa3a3a268d46e959
SHA1

f32878c115d4e67906d796af61b5ad580f383684
SHA256

f59bc8ed4900f0b8bc794706f5113320f910265b5f308f474f731f0f68e36a16
SHA512

baf59ea6e8f3800251e41612728a6c6058bc8174a448374c63599f44e9c1f849b73d06fee4736eebc749995526c1b85742ae53c7b453a3477a80ccafb202b28d
SSDEEP

3072:cFYS3ho50A7woqBF+5D4yhNtjPku70oJmWnkmNkgC+rTa7nDxkcm4XJa:cJ3h40Bo42tN1PfVJygkgCX7nDxkl4

Score

10^/10

healer discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c98pD77.exe

Resource

win7-20241010-en

healer discovery dropper evasion trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

c98pD77.exe

Resource

win10v2004-20241007-en

healer discovery dropper evasion trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  c98pD77.exe
- Size
  
  226KB
- MD5
  
  ab28d859788ed341aa3a3a268d46e959
- SHA1
  
  f32878c115d4e67906d796af61b5ad580f383684
- SHA256
  
  f59bc8ed4900f0b8bc794706f5113320f910265b5f308f474f731f0f68e36a16
- SHA512
  
  baf59ea6e8f3800251e41612728a6c6058bc8174a448374c63599f44e9c1f849b73d06fee4736eebc749995526c1b85742ae53c7b453a3477a80ccafb202b28d
- SSDEEP
  
  3072:cFYS3ho50A7woqBF+5D4yhNtjPku70oJmWnkmNkgC+rTa7nDxkcm4XJa:cJ3h40Bo42tN1PfVJygkgCX7nDxkl4
Score

10^/10

healer discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdiscoverydropperevasiontrojan

behavioral2

healerdiscoverydropperevasiontrojan

© 2018-2024

Terms | Privacy