hijackloader | 8a64254e4afe98ba46804aa9fb460aa12976dc3750933cb8ba7dda9e3d23a414 | Triage

Submit
Reports

Overview

overview

Static

static

2025-04-13...om.exe

windows10-2004-x64

7

Sharing

General

Target

2025-04-13_bbc5a78bd5edd1a3bb50bb368a700e99_black-basta_cobalt-strike_satacom
Size

4.9MB
Sample

250413-vdwmxazzfy
MD5

bbc5a78bd5edd1a3bb50bb368a700e99
SHA1

a65fac89b1e3b06286d07eb6a1129af7d64c4e30
SHA256

8a64254e4afe98ba46804aa9fb460aa12976dc3750933cb8ba7dda9e3d23a414
SHA512

e24cdcbbfb12e6c15f7b4bad99b7264160368daa59d5b55c6efcca56a892de75dc5e6b750be53d1b3c7e08df80dc931e8f69f48af48f7dbe83ba9e6044303d8b
SSDEEP

98304:WxWovdiForGveUuGTyF1MSEL6mPJ7vCkoWPAmb8HJJxB:WxWov8FWqeUuG+E/LdPUJo/b8rxB

Score

10^/10

hijackloader discovery

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2025-04-13_bbc5a78bd5edd1a3bb50bb368a700e99_black-basta_cobalt-strike_satacom.exe

Resource

win10v2004-20250410-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

hijackloader

Attributes

directory
%APPDATA%\Yrs_Docker
inject_dll
%windir%\SysWOW64\input.dll

xor.hex

Targets

- Target
  
  2025-04-13_bbc5a78bd5edd1a3bb50bb368a700e99_black-basta_cobalt-strike_satacom
- Size
  
  4.9MB
- MD5
  
  bbc5a78bd5edd1a3bb50bb368a700e99
- SHA1
  
  a65fac89b1e3b06286d07eb6a1129af7d64c4e30
- SHA256
  
  8a64254e4afe98ba46804aa9fb460aa12976dc3750933cb8ba7dda9e3d23a414
- SHA512
  
  e24cdcbbfb12e6c15f7b4bad99b7264160368daa59d5b55c6efcca56a892de75dc5e6b750be53d1b3c7e08df80dc931e8f69f48af48f7dbe83ba9e6044303d8b
- SSDEEP
  
  98304:WxWovdiForGveUuGTyF1MSEL6mPJ7vCkoWPAmb8HJJxB:WxWov8FWqeUuG+E/LdPUJo/b8rxB
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy