New Hijack Loader Variant: Uses Process Hollowing, Has Enhanced Anti-Evasion Capabilities

May 23, 2024, 1:54 p.m.

Description

External References

https://any.run/cybersecurity-blog/new-hijackloader-version/?utm_source=csnandgbhackers&utm_medium=article_post&utm_campaign=birthday2024_scn&utm_content=plans&utm_term=200524/

https://otx.alienvault.com/pulse/664f4996470e45e98fc5d53a

Tags

loader

rhadamanthys

2024-05-23

api hooking

hijackloader

hijack loader

yara

tracker

suricata

loader variant

has enhanced

png image

user account

april

Date

Created: May 23, 2024, 1:50 p.m.
Published: May 23, 2024, 1:50 p.m.
Modified: May 23, 2024, 1:54 p.m.

Indicators

a38da72082fc2dc1f60b3b245e1f2382d5f8c1d08ebc397dd0d81cc9f74ebbe6
86bccbacd8e9fde23ff236155ee47f866dd7dd51c6129ed340034810a10705b3
0ae58be8d7058e40926fdb51b76043d109b96b91aa9fa2950dbb8a3626185e0f
discussiowardder.website

193.233.132.139
185.215.113.67
185.172.128.76

mail.zoomfilms-cz.com
wxt82.xyz

Download all indicators here!

Attack Patterns

Hijack Loader

T1104