hijackloader | WNBOZYUN[.]msi | Triage

Submit
Reports

Overview

overview

Static

static

WNBOZYUN.msi

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

WNBOZYUN.msi

Resource

win10v2004-20250314-en

sectoprat discovery persistence privilege_escalation rat spyware trojan

windows10-2004-x64

17 signatures

150 seconds

General

Target

WNBOZYUN.msi
Size

23.5MB
MD5

fbad39a4e69da1cc3bf48541c7905d4c
SHA1

747b277cd5bb37e719877e45864f3beedc949f06
SHA256

923efb46578f7f31a9734ec1d7e7e1b9edf1560fec54d7319179aa51cf3dd26a
SHA512

199763a4cc4fdde9aecec9b15523d1dc4283475128c0544ecab4dbe2887b62e9f54780e03539822f0f186e876b213269959ea07b2fbc4b01574a271784d1ef50
SSDEEP

196608:/W/NUkyHnX2H4hsNAW+X8XPCNzllXzYEj3Jl0kj386l4ClxDRpIqX:JDHnXA4hsNAdX8XPCNJnZT4i+qX

Score

10^/10

hijackloader

Malware Config

Extracted

Family

hijackloader

Attributes

directory
%APPDATA%\ServiceValid_testv2
inject_dll
%windir%\SysWOW64\pla.dll

xor.hex

Signatures

Hijackloader family
hijackloader

Files

WNBOZYUN.msi
.msi

© 2018-2025

Terms | Privacy