APT_MAL_HemiGate_DLL_Loader_Sep23

Rule Info

Name

APT_MAL_HemiGate_DLL_Loader_Sep23

Author

X__Junior, Marius Benthin

Description

Detects DLL that loads HemiGate backdoor

Score

Reference

Date

2023-09-12

Modified

2025-03-26

Minimum Yara

1.7

Rule Hash

deb3d4e97b6f01a4a26bd9fb3485e3a3

Antivirus Verdicts

Rating

Number of Samples

Malicious (>= 10 engines)

Suspicious (< 10 engines)

Clean (0 engines)

Timestamp

Positives

Total

Hash

2025-04-15 16:44:41

d53346b5c8c6c76e7bc0407410a58328a1e214a4d359e558380963d29a35f71b

2025-04-02 13:07:12

82f3384723b21f9a928029bb3ee116f9adbc4f7ec66d5a856e817c3dc16d149d

2025-03-08 08:14:26

169ca1b4c9ca3aef84ef2c5320c032b6ff87608edcbf9b74df3a195b27d31082

2024-03-15 14:25:41

77dd87842f56750439b802a432b18714d345c86edfca61564db566c2737a988d

2024-01-11 23:07:05

67e3f336315db1677fa0805cb605af6552cd809930c87318fbf4310a157a263e

2023-10-04 15:24:18

e1a7e5f27362aaf0d12b58b96a816ef61a2a498def9805297aa81f6f83729230

2023-09-27 15:44:33

eeb3d2e87d343b2acf6bc8e4e4122d76a9ad200ae52340c61e537a80666705ed

2023-09-21 20:15:33

cdadad8d7ced1370baa5d1ffe435bed78c2d58ed4cda364b8a7484e3c7cdac98