← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
HijackLoader Updates | ThreatLabz
WHITE CyberHunter_NL 2024-05-13 Modified: 2024-05-13
33
IOCs
MEDIUM VOLUME
Zscaler is the world’s leading zero trust software provider, providing security solutions that secure users, businesses, and the internet.. and security researchers have identified new variants of the Hijack loader.
hijackloaderheavenidat headerapissdbm hashinggatesdbm hashpng filepng imagexor cipherpythonpngremote accessremcoslummaracooninformationamadey
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
PNG Remote Access HijackLoader Remcos Lumma Racoon Information Amadey
Indicators of Compromise (33)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 0cae25d6ac8aced5058bba8d65d51022 MD5 of 1fbf01b3cb97fda61a065891f03dca7ed9187a4c1d0e8c5f24ef0001884a54da 2024-05-13
FileHash-MD5 14611473ddc78da94fdad540dd79952d MD5 of fcadcee5388fa2e6d4061c7621bf268cb3d156cb879314fa2f518d15f5fa2aa2 2024-05-13
FileHash-MD5 7673e8d092ee8766cf62ab0e816ce090 MD5 of cf42af2bdcec387df84ba7f8467bbcdad9719df2c524b6c9b7fffa55cfdc8844 2024-05-13
FileHash-MD5 9989056fbf94cb9c0e04f2a6eaa9a9ab MD5 of f37b158b3b3c6ef9f6fe08d0056915fc7e5a220d1dabb6a2b62364ae54dca0f1 2024-05-13
FileHash-MD5 9cb40f0ea01ffd7913ee534cf591d258 MD5 of c215c0838b1f8081a11ff3050d12fcfe67f14442ed2e18398f0c26c47931df44 2024-05-13
FileHash-MD5 cbef6a3b7a756f63920080098c8d3a5f MD5 of 9b15cb2782f953090caf76efe974c4ef8a5f28df3dbb3eff135d44306d80c29c 2024-05-13
FileHash-MD5 ce355f68f7fb9bcc5a1e140da2398489 MD5 of 56fd2541a36680249ec670d07a5682d2ef5a343d1feccbcf2c3da86bd546af85 2024-05-13
FileHash-MD5 d471b2f2fe01308799bb6af831a147a7 MD5 of d95e82392d720911f7eb5d8856b8ccd2427e51645975cdf8081560c2f6967ffb 2024-05-13
FileHash-MD5 dd44e087e92e35161f4c7f75b68d76c2 MD5 of e0a4f1c878f20e70143b358ddaa28242bac56be709b5702f3ad656341c54fb76 2024-05-13
FileHash-MD5 de6832dddc25cdfad6f3db172c331972 MD5 of 7a8db5d75ca30164236d2474a4719046a7814a4411cf703ffb702bf6319939d7 2024-05-13
FileHash-SHA1 15dcab8c8eff294fa94e92d251ad73718d66a7e2 SHA1 of 1fbf01b3cb97fda61a065891f03dca7ed9187a4c1d0e8c5f24ef0001884a54da 2024-05-13
FileHash-SHA1 26213509d8f2530920012e7bfc9b9c6b70bffb2a SHA1 of fcadcee5388fa2e6d4061c7621bf268cb3d156cb879314fa2f518d15f5fa2aa2 2024-05-13
FileHash-SHA1 330b9d23f430bdb57c362c936b67cc5389dc221a SHA1 of 9b15cb2782f953090caf76efe974c4ef8a5f28df3dbb3eff135d44306d80c29c 2024-05-13
FileHash-SHA1 65b58a63d23cac4854dc1e4c767087531043a03a SHA1 of 7a8db5d75ca30164236d2474a4719046a7814a4411cf703ffb702bf6319939d7 2024-05-13
FileHash-SHA1 68ee5c766ca04c6b2a113bc80d61e3c45c4dc13c SHA1 of c215c0838b1f8081a11ff3050d12fcfe67f14442ed2e18398f0c26c47931df44 2024-05-13
FileHash-SHA1 6dfd88bc5d48ef5646c30326b399d51137e7c8da SHA1 of f37b158b3b3c6ef9f6fe08d0056915fc7e5a220d1dabb6a2b62364ae54dca0f1 2024-05-13
FileHash-SHA1 78eb8a2245b5bedab3adf5617efa90d3b3f9a589 SHA1 of e0a4f1c878f20e70143b358ddaa28242bac56be709b5702f3ad656341c54fb76 2024-05-13
FileHash-SHA1 917b5d290b3a0a28e092ccd53d6f9206223d9293 SHA1 of 56fd2541a36680249ec670d07a5682d2ef5a343d1feccbcf2c3da86bd546af85 2024-05-13
FileHash-SHA1 a83afa85bc2b22c6972f8b9cc9edf26020d7afd4 SHA1 of cf42af2bdcec387df84ba7f8467bbcdad9719df2c524b6c9b7fffa55cfdc8844 2024-05-13
FileHash-SHA1 cbf653ce9ef4bef3b706bdb24a70d2cf00e8929f SHA1 of d95e82392d720911f7eb5d8856b8ccd2427e51645975cdf8081560c2f6967ffb 2024-05-13
FileHash-SHA256 1fbf01b3cb97fda61a065891f03dca7ed9187a4c1d0e8c5f24ef0001884a54da 2024-05-13
FileHash-SHA256 56fd2541a36680249ec670d07a5682d2ef5a343d1feccbcf2c3da86bd546af85 2024-05-13
FileHash-SHA256 7a8db5d75ca30164236d2474a4719046a7814a4411cf703ffb702bf6319939d7 2024-05-13
FileHash-SHA256 9b15cb2782f953090caf76efe974c4ef8a5f28df3dbb3eff135d44306d80c29c 2024-05-13
FileHash-SHA256 c215c0838b1f8081a11ff3050d12fcfe67f14442ed2e18398f0c26c47931df44 2024-05-13
FileHash-SHA256 cf42af2bdcec387df84ba7f8467bbcdad9719df2c524b6c9b7fffa55cfdc8844 2024-05-13
FileHash-SHA256 d95e82392d720911f7eb5d8856b8ccd2427e51645975cdf8081560c2f6967ffb 2024-05-13
FileHash-SHA256 e0a4f1c878f20e70143b358ddaa28242bac56be709b5702f3ad656341c54fb76 2024-05-13
FileHash-SHA256 f37b158b3b3c6ef9f6fe08d0056915fc7e5a220d1dabb6a2b62364ae54dca0f1 2024-05-13
FileHash-SHA256 fcadcee5388fa2e6d4061c7621bf268cb3d156cb879314fa2f518d15f5fa2aa2 2024-05-13
URL http://discussiowardder.website/api 2024-05-13
domain discussiowardder.website 2024-05-13
domain file.seek 2024-05-13
References (1)
↗ https://www.zscaler.com/blogs/security-research/hijackloader-updates#malware-delivery