healer | 4e2a44be15b1ab35fbe6e6b40c6b15d605dd3ca2fcd339e8f955b716fdfc0098 | Triage

Submit
Reports

Overview

overview

Static

static

3

2025-04-17...er.exe

windows10-2004-x64

2025-04-17...er.exe

windows11-21h2-x64

Sharing

General

Target

2025-04-17_bccf459aa09f167efaa0e2c6b3426f75_amadey_elex_rhadamanthys_smoke-loader
Size

334KB
Sample

250417-sg1pxswvg1
MD5

bccf459aa09f167efaa0e2c6b3426f75
SHA1

5cdc77e83f01af61755de06865b064a9d50a2e10
SHA256

4e2a44be15b1ab35fbe6e6b40c6b15d605dd3ca2fcd339e8f955b716fdfc0098
SHA512

93bcab71e0e8da6f15d21689d7423d5945512f672b8217bc7c948aa63a982044916b3dc435dda066b603a21cc262dc2c25e45041e9b7a9e56cdd9ecab9876434
SSDEEP

6144:iecLAHlsfgWuYZv2Z4PiFHquuS5r029hf:iec8HlcgLY1DP8qTaQkh

Score

10^/10

healer defense_evasion discovery dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2025-04-17_bccf459aa09f167efaa0e2c6b3426f75_amadey_elex_rhadamanthys_smoke-loader.exe

Resource

win10v2004-20250314-en

healer defense_evasion discovery dropper evasion trojan

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-04-17_bccf459aa09f167efaa0e2c6b3426f75_amadey_elex_rhadamanthys_smoke-loader.exe

Resource

win11-20250410-en

healer defense_evasion discovery dropper evasion trojan

windows11-21h2-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-04-17_bccf459aa09f167efaa0e2c6b3426f75_amadey_elex_rhadamanthys_smoke-loader
- Size
  
  334KB
- MD5
  
  bccf459aa09f167efaa0e2c6b3426f75
- SHA1
  
  5cdc77e83f01af61755de06865b064a9d50a2e10
- SHA256
  
  4e2a44be15b1ab35fbe6e6b40c6b15d605dd3ca2fcd339e8f955b716fdfc0098
- SHA512
  
  93bcab71e0e8da6f15d21689d7423d5945512f672b8217bc7c948aa63a982044916b3dc435dda066b603a21cc262dc2c25e45041e9b7a9e56cdd9ecab9876434
- SSDEEP
  
  6144:iecLAHlsfgWuYZv2Z4PiFHquuS5r029hf:iec8HlcgLY1DP8qTaQkh
Score

10^/10

healer defense_evasion discovery dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Healer family
  healer
- Modifies Windows Defender DisableAntiSpyware settings
  evasion trojan
- Modifies Windows Defender Real-time Protection settings
  defense_evasion trojan
- Modifies Windows Defender TamperProtection settings
  evasion trojan
- Modifies Windows Defender notification settings
  defense_evasion trojan
- Windows security modification
  defense_evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

healerdefense_evasiondiscoverydropperevasiontrojan

behavioral2

healerdefense_evasiondiscoverydropperevasiontrojan

© 2018-2025

Terms | Privacy