Extracted

Extracted

• • Target

    3aee16fd175032ee9188351aec3d27b73daf2692366cb6df91259b3b9c64fd08.js

  • Size

    1KB

  • MD5

    153635d66bd01a944dcd4661cec41896

  • SHA1

    47fe0783bc7b6db0c1456bf86cda61bdd31b5ca8

  • SHA256

    3aee16fd175032ee9188351aec3d27b73daf2692366cb6df91259b3b9c64fd08

  • SHA512

    28a4c1f24614609c2406fa32b5a4dc0531851abfe72d79ce71d477b4da7c87f0f399346dfba453591e3063dc6af4921b927ad7c24ffb619dec44e4a979f88ab5

  Score

  10^/10

  discoveryexecutionkoiloaderloader

  • KoiLoader

    KoiLoader is a malware loader written in C++.

    loaderkoiloader

  • Koiloader family

    koiloader

  • Detects KoiLoader payload

    loader

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Powershell Invoke Web Request.

    execution

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2