Intel Name: Analyzing new HijackLoader evasion tactics
Date of Scan: April 1, 2025
Impact: Medium
Summary: HijackLoader, a malware loader first discovered in 2023, has been updated with new modules that enhance its evasion tactics. These include call stack spoofing to hide function call origins, anti-VM checks to detect analysis environments, and a module for establishing persistence through scheduled tasks. These updates aim to improve the loader’s ability to bypass security measures and maintain its presence on infected systems.