General
-
Target
78e428ffa6d4bbcd4306de8f487d58316193cf7e6f56fca39e32859c2920b782.exe
-
Size
5.4MB
-
Sample
240725-egt1gsxcjm
-
MD5
af0196851c9279e5260a065bb8f0303a
-
SHA1
9fc63107b27e24184e0b28a717639f6ba590ac3e
-
SHA256
78e428ffa6d4bbcd4306de8f487d58316193cf7e6f56fca39e32859c2920b782
-
SHA512
211106407975ae5b7fef0cb6ee94137308e01bd6036243730a99f89f5b94c65ef3a90b57b3ea6f7d86b1ebf15220197e971b11666f7b97c742c4d985bf9dac3b
-
SSDEEP
98304:tNe3owTB0iX3gFtwFmvS/1wPVeBEecJkUv6LzS3vv3jirr3jjWiTaOvifviOr8IG:tU3owTB9X3atwFk1VeBEeEkTbI0nctaP
Malware Config
Targets
-
-
Target
78e428ffa6d4bbcd4306de8f487d58316193cf7e6f56fca39e32859c2920b782.exe
-
Size
5.4MB
-
MD5
af0196851c9279e5260a065bb8f0303a
-
SHA1
9fc63107b27e24184e0b28a717639f6ba590ac3e
-
SHA256
78e428ffa6d4bbcd4306de8f487d58316193cf7e6f56fca39e32859c2920b782
-
SHA512
211106407975ae5b7fef0cb6ee94137308e01bd6036243730a99f89f5b94c65ef3a90b57b3ea6f7d86b1ebf15220197e971b11666f7b97c742c4d985bf9dac3b
-
SSDEEP
98304:tNe3owTB0iX3gFtwFmvS/1wPVeBEecJkUv6LzS3vv3jirr3jjWiTaOvifviOr8IG:tU3owTB9X3atwFk1VeBEeEkTbI0nctaP
Score10/10-
Detects HijackLoader (aka IDAT Loader)
-
HijackLoader
HijackLoader is a multistage loader first seen in 2023.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-