HijackLoader

ID: e3536a51-0374-5363-aa9e-be0f8dd2cdcb

STIX ID: report--e3536a51-0374-5363-aa9e-be0f8dd2cdcb

Feed Name: Zscaler Security Research Blog

Threat Score: 75/100

Date Published: 2025-12-30

Date Updated: 2026-05-01


This report analyzes the HijackLoader malware family, enumerating its modular components (e.g., ti, rshell, ESLDR, AVDATA), detailing anti-analysis techniques (including Heaven's Gate and AV process blocklists), persistence via BITS jobs and Startup LNKs, XOR-based payload decryption, and multiple sophisticated code-injection methods used to load and execute final payloads.
