Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    02-05-2024 01:12

General

  • Target

    2895f26ebeb8334731591ac868e9ab554a3568632e3c62e802739e5d0fc38d88.exe

  • Size

    922KB

  • MD5

    807675a50ee7545e02daeac9822842b7

  • SHA1

    967094e1ef9155a031687396ba99855e54870612

  • SHA256

    2895f26ebeb8334731591ac868e9ab554a3568632e3c62e802739e5d0fc38d88

  • SHA512

    12a928dc23e7fd03996e5d41d8fce1d091b0fa979d379e63e6e89d58440f8a21a809a646e1c6431eda68d71515e1aed06219c4f3d8c0c86e25724b1d6e5af5b4

  • SSDEEP

    24576:e8inPEBCZN5hoVlnJXzJ/SEVSoMAALia4:Dg5BuxF/SRF4

Score
10/10

Malware Config

Signatures

  • Detects HijackLoader (aka IDAT Loader) 1 IoCs
  • HijackLoader

    HijackLoader is a multistage loader first seen in 2023.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2895f26ebeb8334731591ac868e9ab554a3568632e3c62e802739e5d0fc38d88.exe
    "C:\Users\Admin\AppData\Local\Temp\2895f26ebeb8334731591ac868e9ab554a3568632e3c62e802739e5d0fc38d88.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2204

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2204-0-0x0000000000400000-0x00000000004E8000-memory.dmp

    Filesize

    928KB

  • memory/2204-1-0x0000000074A30000-0x0000000074BA4000-memory.dmp

    Filesize

    1.5MB
