koiloader | f0d0e314162c9668597b1973a7cd2a1b5bf7fdf53606e64d72834ec87659cb1e | Triage

Sharing

General

Target

f0d0e314162c9668597b1973a7cd2a1b5bf7fdf53606e64d72834ec87659cb1e
Size

189KB
Sample

250305-nyb1nsxqx5
MD5

b8265425bced1533d448785e2399862a
SHA1

69d4b29901bc0eabce61823f3ff4652e8ee57d48
SHA256

f0d0e314162c9668597b1973a7cd2a1b5bf7fdf53606e64d72834ec87659cb1e
SHA512

734bee015bb970e482fed5e4cbbb57fe8abe7cb85a2a7976fd1c028a69c41ba5f334b2fe2d833d8ac95ad76f6dd1148bea3e50d16e676f8f5cf0f02234941493
SSDEEP

3072:gA+MPNsjU+g/Pu92PkWMW50y4jrv34ClUCeZFNzhEIykhSYLXPlugCv:HJPxktlKgIykhSM91Cv

Score

10^/10

koiloader discovery loader

Malware Config

Extracted

Family

koiloader

C2

http://178.17.170.209/overglass.php

Attributes

payload_url
https://www.centralelatterieti.com/wp-content/uploads/2020

Targets

- Target
  
  f0d0e314162c9668597b1973a7cd2a1b5bf7fdf53606e64d72834ec87659cb1e
- Size
  
  189KB
- MD5
  
  b8265425bced1533d448785e2399862a
- SHA1
  
  69d4b29901bc0eabce61823f3ff4652e8ee57d48
- SHA256
  
  f0d0e314162c9668597b1973a7cd2a1b5bf7fdf53606e64d72834ec87659cb1e
- SHA512
  
  734bee015bb970e482fed5e4cbbb57fe8abe7cb85a2a7976fd1c028a69c41ba5f334b2fe2d833d8ac95ad76f6dd1148bea3e50d16e676f8f5cf0f02234941493
- SSDEEP
  
  3072:gA+MPNsjU+g/Pu92PkWMW50y4jrv34ClUCeZFNzhEIykhSYLXPlugCv:HJPxktlKgIykhSM91Cv
Score

10^/10

koiloader discovery loader
- KoiLoader
  KoiLoader is a malware loader written in C++.
  loader koiloader
- Koiloader family
  koiloader
- Detects KoiLoader payload
  loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

koiloaderdiscoveryloader

behavioral2

koiloaderdiscoveryloader