koiloader | dbea0387cea59ca3fffda6aa56788cf6423374356c98abe74149a5890676c4ff | Triage

Sharing

General

Target

transhumanDAxj.exe
Size

231KB
Sample

250325-akebzs1rz3
MD5

fa635af71b3ed60ca730936a741b9444
SHA1

f426d37494b05261ec166aa1db07fe53ff8d1323
SHA256

dbea0387cea59ca3fffda6aa56788cf6423374356c98abe74149a5890676c4ff
SHA512

d809d06358ea0caecd853be246936161db9dfe08d67bbae5d3f0afc3ad7efc3c9e824460736f91aadb17bcc6d9532eef1756901daddf7b9a309926d8c171658c
SSDEEP

3072:hNwCrquaP24/h7Q22oWvjWn+V4t4jrv34CovCWdSx9I2BvQy4/T0NrhVF8UhRqv7:fUhAoAZoLdSH+3W7qv4Cv

Score

10^/10

koiloader discovery loader

Malware Config

Extracted

Family

koiloader

C2

http://94.247.42.253/pilot.php

Attributes

payload_url
https://casettalecese.it/wp-content/uploads/2022/10

Targets

- Target
  
  transhumanDAxj.exe
- Size
  
  231KB
- MD5
  
  fa635af71b3ed60ca730936a741b9444
- SHA1
  
  f426d37494b05261ec166aa1db07fe53ff8d1323
- SHA256
  
  dbea0387cea59ca3fffda6aa56788cf6423374356c98abe74149a5890676c4ff
- SHA512
  
  d809d06358ea0caecd853be246936161db9dfe08d67bbae5d3f0afc3ad7efc3c9e824460736f91aadb17bcc6d9532eef1756901daddf7b9a309926d8c171658c
- SSDEEP
  
  3072:hNwCrquaP24/h7Q22oWvjWn+V4t4jrv34CovCWdSx9I2BvQy4/T0NrhVF8UhRqv7:fUhAoAZoLdSH+3W7qv4Cv
Score

10^/10

koiloader discovery loader
- KoiLoader
  KoiLoader is a malware loader written in C++.
  loader koiloader
- Koiloader family
  koiloader
- Detects KoiLoader payload
  loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

koiloaderdiscoveryloader

behavioral2

koiloaderdiscoveryloader