koiloader | 6a79ced77846f964e877d404cb8a5c829ca6bac0b28bd161afd329685064c10e | Triage

Sharing

General

Target

6a79ced77846f964e877d404cb8a5c829ca6bac0b28bd161afd329685064c10e.exe
Size

41KB
Sample

250325-akjaya1rz5
MD5

3c5d5cd7b5e48090591184ef497a98b0
SHA1

f9a9771d1e0c12735dc037725fe07e56a75ee86a
SHA256

6a79ced77846f964e877d404cb8a5c829ca6bac0b28bd161afd329685064c10e
SHA512

8b404ab73c039db36fc323295455366ea5373811324fae4cdc266d9b47f5336c1bcaf1be9aa36a3a561fe297a2f778f5a3c34a2659b19a0cfb915d58e4825a22
SSDEEP

768:6TOI/K4hMkjIHltfWsJNvWb4WFdXh9gtHVgEAB9Fb5Sfzt4SfdQMYLe3hfKXe:6N/KzCIHpJNvWbDXh9hd9F+40dQXe3hz

Score

10^/10

koiloader discovery loader

Malware Config

Extracted

Family

koiloader

C2

http://94.247.42.253/pilot.php

Attributes

payload_url
https://casettalecese.it/wp-content/uploads/2022/10

Targets

- Target
  
  6a79ced77846f964e877d404cb8a5c829ca6bac0b28bd161afd329685064c10e.exe
- Size
  
  41KB
- MD5
  
  3c5d5cd7b5e48090591184ef497a98b0
- SHA1
  
  f9a9771d1e0c12735dc037725fe07e56a75ee86a
- SHA256
  
  6a79ced77846f964e877d404cb8a5c829ca6bac0b28bd161afd329685064c10e
- SHA512
  
  8b404ab73c039db36fc323295455366ea5373811324fae4cdc266d9b47f5336c1bcaf1be9aa36a3a561fe297a2f778f5a3c34a2659b19a0cfb915d58e4825a22
- SSDEEP
  
  768:6TOI/K4hMkjIHltfWsJNvWb4WFdXh9gtHVgEAB9Fb5Sfzt4SfdQMYLe3hfKXe:6N/KzCIHpJNvWbDXh9hd9F+40dQXe3hz
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

loaderkoiloader

behavioral1

behavioral2