Threat analysis: SquidLoader – still swimming under the radar

Intel Name: Threat analysis: SquidLoader – still swimming under the radar

Date of Scan: July 16, 2025

Impact: High

Summary:
A new wave of SquidLoader malware is actively targeting financial institutions in Hong Kong. This advanced malware demonstrates strong evasion techniques, showing near-zero detection on VirusTotal during analysis. SquidLoader’s attack chain leads to the deployment of a Cobalt Strike Beacon, enabling remote access and control. This blog provides a detailed technical breakdown of the sample, emphasizing its anti-analysis methods and key indicators of compromise.
