Overview

overview

10

Static

static

3

asi.exe

windows7-x64

10

asi.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    21-05-2024 10:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    asi.exe

  • Size

    181KB

  • MD5

    3efb2fe8decf061381fa5b05c534b3de

  • SHA1

    9da39f0ba7ed2110db318f87ec4d764225e06cfe

  • SHA256

    f14f9dabdaecbeba3f17b3388b78d7d7636ed631d4b61667d1afd298563273c8

  • SHA512

    fffd06be0832ac8dd20cf88df10ae10242a1c2a3f9e0782aa11923c83ce39f2dc5af3bbe88f208125f8945e6c0d364c5803127e25730eb16e5c1e8d3c6bc68ac

  • SSDEEP

    3072:3CmlA+2TGMF85+bkRG32foUP9GmPe97UoHMxyKK0MlwRvhMzsarTzwD1cS4u0+gE:SmlV4h8JG3QUzB9ly6trT6R4p4NZb

Score
10/10
koiloaderloader

Malware Config

Extracted

Family

koiloader

C2

http://79.124.78.45/hockamore.php

Attributes
  • payload_url

    https://rdccob.com.br/wp-content/uploads/2021

Signatures

  • KoiLoader

    KoiLoader is a malware loader written in C++.

    loaderkoiloader
  • Detects KoiLoader payload 1 IoCs
    loader

Processes

  • C:\Users\Admin\AppData\Local\Temp\asi.exe
    "C:\Users\Admin\AppData\Local\Temp\asi.exe"
    1⤵
      PID:2868

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2868-0-0x0000000000080000-0x000000000008D000-memory.dmp
      Filesize

      52KB

      Download