koiloader | 195c6af5174895c9b5fbf451de76dd7df5f51cdc7086e528e601c1248cf6885a | Triage

Sharing

General

Target

0932dfb743754310070dc626a55e464918efe8be.exe
Size

189KB
Sample

241111-xe6wdaspgw
MD5

2128d38119371c238a3d405d12df80c4
SHA1

0932dfb743754310070dc626a55e464918efe8be
SHA256

195c6af5174895c9b5fbf451de76dd7df5f51cdc7086e528e601c1248cf6885a
SHA512

8034942a314e9bdf2bfa33f463b2b9aa9eb0408bada93f72c5fde84d2efc354e996958af11927fb5920c873c6d50e69244390f58f316f7add97ebd55d64f1e86
SSDEEP

3072:YA+MPNsjU+g/Pu92PkWMW50y4jrv34ClUCeCw2AC1rEMmy1juCTjIUHaPtYSAJwX:/JPxktlKCw2oMmy1iCXZHaPtIJw28eiF

Score

10^/10

koiloader discovery loader

Malware Config

Extracted

Family

koiloader

C2

http://193.31.41.56/take.php

Attributes

payload_url
https://calicorieti.it/wp-content/uploads/2023/07

Targets

- Target
  
  0932dfb743754310070dc626a55e464918efe8be.exe
- Size
  
  189KB
- MD5
  
  2128d38119371c238a3d405d12df80c4
- SHA1
  
  0932dfb743754310070dc626a55e464918efe8be
- SHA256
  
  195c6af5174895c9b5fbf451de76dd7df5f51cdc7086e528e601c1248cf6885a
- SHA512
  
  8034942a314e9bdf2bfa33f463b2b9aa9eb0408bada93f72c5fde84d2efc354e996958af11927fb5920c873c6d50e69244390f58f316f7add97ebd55d64f1e86
- SSDEEP
  
  3072:YA+MPNsjU+g/Pu92PkWMW50y4jrv34ClUCeCw2AC1rEMmy1juCTjIUHaPtYSAJwX:/JPxktlKCw2oMmy1iCXZHaPtIJw28eiF
Score

10^/10

koiloader discovery loader
- KoiLoader
  KoiLoader is a malware loader written in C++.
  loader koiloader
- Koiloader family
  koiloader
- Detects KoiLoader payload
  loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

koiloaderdiscoveryloader

behavioral2

koiloaderdiscoveryloader