koiloader | 1bf9b7373c85224cd3378b8382e943404add71c6aadc6811ce50f15486d56668 | Triage

Sharing

General

Target

1bf9b7373c85224cd3378b8382e943404add71c6aadc6811ce50f15486d56668.exe
Size

40KB
Sample

240821-pnb4csybrf
MD5

bd64ec63b75830807bbf03895376713f
SHA1

02357ecf24a0b568a877583165ec192595db22d8
SHA256

1bf9b7373c85224cd3378b8382e943404add71c6aadc6811ce50f15486d56668
SHA512

071ca63c9032d08995ce5a4cc94ecc24a669e51e6087faf18017c1adc3d9378425b5785b079b64fd4dd67f76cf24c4601109f001adabdb2a8ef2d144421aee82
SSDEEP

768:qTOI/KJYsFca5ZGsbNfEIdP1NdNh9um/dBFW7Qk9FLRxbjC+cHLuepvKBWy:qN/KJlFcatbNfEIHNh9JFFk9FP6urWy

Score

10^/10

koiloader discovery loader

Malware Config

Extracted

Family

koiloader

C2

http://79.124.78.127/enjambment.php

Attributes

payload_url
https://lodovicicostruzioni.com/wp-content/uploads/2018/08

Targets

- Target
  
  1bf9b7373c85224cd3378b8382e943404add71c6aadc6811ce50f15486d56668.exe
- Size
  
  40KB
- MD5
  
  bd64ec63b75830807bbf03895376713f
- SHA1
  
  02357ecf24a0b568a877583165ec192595db22d8
- SHA256
  
  1bf9b7373c85224cd3378b8382e943404add71c6aadc6811ce50f15486d56668
- SHA512
  
  071ca63c9032d08995ce5a4cc94ecc24a669e51e6087faf18017c1adc3d9378425b5785b079b64fd4dd67f76cf24c4601109f001adabdb2a8ef2d144421aee82
- SSDEEP
  
  768:qTOI/KJYsFca5ZGsbNfEIdP1NdNh9um/dBFW7Qk9FLRxbjC+cHLuepvKBWy:qN/KJlFcatbNfEIHNh9JFFk9FP6urWy
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

loaderkoiloader

behavioral1

behavioral2