hijackloader | 7b8dc3379917c6db1523145ab904e0c45830af1b085c2f48415d8ce9854a1fb0 | Triage

Submit
Reports

Overview

overview

Static

static

1

sample.html

windows10-2004-x64

Sharing

General

Target

sample
Size

69KB
Sample

240521-2k7gbacf58
MD5

a2bd7907058fb2a1e0006db5c8deeb5e
SHA1

70c089ad913c147e39f10f972d8f4191ff0e5056
SHA256

7b8dc3379917c6db1523145ab904e0c45830af1b085c2f48415d8ce9854a1fb0
SHA512

bc99d9f02a4c7b8999bf2040f1367a742e1ed8e2b3463138c231d32a38a504e764ee21159c712f761022f3389dbb6185b8be12f9274874aea0f4bd8d3490468d
SSDEEP

384:41ID1Lz4IEpQo3BhpV60w01pAgzVmV8eJ7kPynDTDVjXTksD9fCjA1i9X1hg:414uQoP1W8eJuq1i9X1hg

Score

10^/10

hijackloader discovery loader

Static task

static1

Behavioral task

behavioral1

Sample

sample.html

Resource

win10v2004-20240508-en

hijackloader discovery loader

windows10-2004-x64

25 signatures

300 seconds

Malware Config

Targets

- Target
  
  sample
- Size
  
  69KB
- MD5
  
  a2bd7907058fb2a1e0006db5c8deeb5e
- SHA1
  
  70c089ad913c147e39f10f972d8f4191ff0e5056
- SHA256
  
  7b8dc3379917c6db1523145ab904e0c45830af1b085c2f48415d8ce9854a1fb0
- SHA512
  
  bc99d9f02a4c7b8999bf2040f1367a742e1ed8e2b3463138c231d32a38a504e764ee21159c712f761022f3389dbb6185b8be12f9274874aea0f4bd8d3490468d
- SSDEEP
  
  384:41ID1Lz4IEpQo3BhpV60w01pAgzVmV8eJ7kPynDTDVjXTksD9fCjA1i9X1hg:414uQoP1W8eJuq1i9X1hg
Score

10^/10

hijackloader discovery loader
- Detects HijackLoader (aka IDAT Loader)
- HijackLoader
  HijackLoader is a multistage loader first seen in 2023.
  loader hijackloader
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

hijackloaderdiscoveryloader

© 2018-2024

Terms | Privacy