hijackloader | 2895f26ebeb8334731591ac868e9ab554a3568632e3c62e802739e5d0fc38d88 | Triage

Submit
Reports

Overview

overview

Static

static

807675A50E...B7.exe

windows7-x64

807675A50E...B7.exe

windows10-2004-x64

Sharing

General

Target

807675A50EE7545E02DAEAC9822842B7.exe
Size

922KB
Sample

240501-q36rysac74
MD5

807675a50ee7545e02daeac9822842b7
SHA1

967094e1ef9155a031687396ba99855e54870612
SHA256

2895f26ebeb8334731591ac868e9ab554a3568632e3c62e802739e5d0fc38d88
SHA512

12a928dc23e7fd03996e5d41d8fce1d091b0fa979d379e63e6e89d58440f8a21a809a646e1c6431eda68d71515e1aed06219c4f3d8c0c86e25724b1d6e5af5b4
SSDEEP

24576:e8inPEBCZN5hoVlnJXzJ/SEVSoMAALia4:Dg5BuxF/SRF4

Score

10^/10

hijackloader stealc loader stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

807675A50EE7545E02DAEAC9822842B7.exe

Resource

win7-20240221-en

hijackloader stealc loader stealer

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

807675A50EE7545E02DAEAC9822842B7.exe

Resource

win10v2004-20240419-en

hijackloader stealc loader stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

stealc

C2

http://193.163.7.88

Attributes

url_path
/a69d09b357e06b52.php

Targets

- Target
  
  807675A50EE7545E02DAEAC9822842B7.exe
- Size
  
  922KB
- MD5
  
  807675a50ee7545e02daeac9822842b7
- SHA1
  
  967094e1ef9155a031687396ba99855e54870612
- SHA256
  
  2895f26ebeb8334731591ac868e9ab554a3568632e3c62e802739e5d0fc38d88
- SHA512
  
  12a928dc23e7fd03996e5d41d8fce1d091b0fa979d379e63e6e89d58440f8a21a809a646e1c6431eda68d71515e1aed06219c4f3d8c0c86e25724b1d6e5af5b4
- SSDEEP
  
  24576:e8inPEBCZN5hoVlnJXzJ/SEVSoMAALia4:Dg5BuxF/SRF4
Score

10^/10

hijackloader stealc loader stealer
- Detects HijackLoader (aka IDAT Loader)
- HijackLoader
  HijackLoader is a multistage loader first seen in 2023.
  loader hijackloader
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Downloads MZ/PE file
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

hijackloaderstealcloaderstealer

behavioral2

hijackloaderstealcloaderstealer

© 2018-2024

Terms | Privacy