Tag: malware loader

3 Attack Reports | 0 Vulnerabilities

Attack reports

Technical Analysis of RiseLoader

RiseLoader, a new malware loader family observed in October 2024, implements a custom TCP-based binary network protocol similar to RisePro. It uses VMProtect for obfuscation and has been observed dropping malware families like Vidar, Lumma Stealer, XMRig, and Socks5Systemz. The malware collects inf…
xmrig
cryptocurrency
lumma stealer
malware loader
vidar
risepro
socks5systemz
2024-12-16
riseloader
Published: December 16, 2024
Downloadable IOCs: 0

Gaming Engines: An Undetected Playground for Malware Loaders

Check Point Research uncovered a new technique exploiting the Godot Engine to execute malicious GDScript code, remaining undetected by most antivirus tools. The technique has been used since June 2024, potentially infecting over 17,000 machines. A loader called GodLoader employs this method and is …
xmrig
malware loader
redline
cross-platform
gaming
2024-11-27
godot engine
gdscript
undetected technique
stargazers ghost network
godloader
Published: November 27, 2024
Downloadable IOCs: 0

HijackLoader Updates

HijackLoader, also known as IDAT Loader, is a modular malware loader capable of executing multiple payloads. It utilizes a variety of modules for code injection, execution, and evasion techniques. This report analyzes the updated version of HijackLoader, which includes new modules for bypassing Win…
rat
evasion
rhadamanthys
stealer
remcos
2024-05-03
2024-05-04
2024-05-05
2024-05-06
2024-05-07
amadey
lumma stealer
injection
modular
racoon stealer v2
malware loader
meta stealer
Published: May 7, 2024
Downloadable IOCs: 11
Click here to see more Attack Reports