Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    20-06-2024 06:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    df9551c24b9cc63454b309c7ccf46b6e8120b78a296f955b509a570d7fb4f5ee.exe

  • Size

    181KB

  • MD5

    8510cb2c35805a8a67398a9970dbeac1

  • SHA1

    94420efc53314e8377414bf7a4381f68ef971464

  • SHA256

    df9551c24b9cc63454b309c7ccf46b6e8120b78a296f955b509a570d7fb4f5ee

  • SHA512

    af7b3ad957a9b22cdb0b11876656320a0b24e576ce44f9b1fb1ef445bd73f7509892daad20425d49f84a602a01ed3d2f2df500a9da6739cbb30a31f8561625d5

  • SSDEEP

    3072:HCmlA+2TGMF85+bkRG32foUP9GmPe97Uo5sAZBfNis05Y3uYm0sBF+iEPCLddQp0:imlV4h8JG3QUziAZBfNi1JD0s3fHb5P7

Score
10/10
koiloaderloader

Malware Config

Extracted

Family

koiloader

C2

http://176.10.111.71/guapen.php

Attributes
  • payload_url

    https://schermarieti.it/wp-content/uploads/2019/09

Signatures

  • KoiLoader

    KoiLoader is a malware loader written in C++.

    loaderkoiloader
  • Detects KoiLoader payload 1 IoCs
    loader

Processes

  • C:\Users\Admin\AppData\Local\Temp\df9551c24b9cc63454b309c7ccf46b6e8120b78a296f955b509a570d7fb4f5ee.exe
    "C:\Users\Admin\AppData\Local\Temp\df9551c24b9cc63454b309c7ccf46b6e8120b78a296f955b509a570d7fb4f5ee.exe"
    1⤵
      PID:236

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/236-0-0x0000000001120000-0x000000000112D000-memory.dmp
      Filesize

      52KB

      Download