hijackloader | b2b5c6a6a3e050dfe2aa13db6f9b02ce578dd224926f270ea0a433195ac1ba26 | Triage

Submit
Reports

Overview

overview

Static

static

WinMergeU.exe

windows10-2004-x64

Sharing

General

Target

WinMergeU.EXE
Size

6.8MB
Sample

250407-v9bbvaypz2
MD5

7f6e0664d4c5bcb2e823194a4b7fed92
SHA1

aeec739892a9bbd88c4031095e1428a6264c672e
SHA256

b2b5c6a6a3e050dfe2aa13db6f9b02ce578dd224926f270ea0a433195ac1ba26
SHA512

9f408086fd148d8a2769c7f97e6c3aea19e9242bc07cc8f82cacd099541269e71a09621c8de2627733846000879598ab2c45dccc348794dc815238aa39379143
SSDEEP

98304:zv4Bj7wWhZtiabODR9KI586Tz+yVpzhdfm8oAOz+yzp0BMW:sBj7wmZtiabgRE2THpzjefU

Score

10^/10

hijackloader loader

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

WinMergeU.exe

Resource

win10v2004-20250313-en

hijackloader loader

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

hijackloader

Attributes

directory
%APPDATA%\EMDB
inject_dll
%windir%\SysWOW64\esent.dll

xor.hex

Targets

- Target
  
  WinMergeU.EXE
- Size
  
  6.8MB
- MD5
  
  7f6e0664d4c5bcb2e823194a4b7fed92
- SHA1
  
  aeec739892a9bbd88c4031095e1428a6264c672e
- SHA256
  
  b2b5c6a6a3e050dfe2aa13db6f9b02ce578dd224926f270ea0a433195ac1ba26
- SHA512
  
  9f408086fd148d8a2769c7f97e6c3aea19e9242bc07cc8f82cacd099541269e71a09621c8de2627733846000879598ab2c45dccc348794dc815238aa39379143
- SSDEEP
  
  98304:zv4Bj7wWhZtiabODR9KI586Tz+yVpzhdfm8oAOz+yzp0BMW:sBj7wmZtiabgRE2THpzjefU
Score

10^/10

hijackloader loader
- Detects HijackLoader (aka IDAT Loader)
- HijackLoader
  HijackLoader is a multistage loader first seen in 2023.
  loader hijackloader
- Hijackloader family
  hijackloader
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hijackloaderloader

© 2018-2025

Terms | Privacy