koiloader | 7352af121cb003e2da20897a5da8f3bbb74e15294bbbb6223344318fb731f93a | Triage

Sharing

General

Target

supraoesophagealYdF.exe
Size

231KB
Sample

250402-r39paayshx
MD5

3826d6e4578b3fcf87accf5b7979103d
SHA1

47aa90bb8ac56a4a697e6750a4a980669d36a8aa
SHA256

7352af121cb003e2da20897a5da8f3bbb74e15294bbbb6223344318fb731f93a
SHA512

a88f1f13f9d2e1d63dac4266c65f8b5c8fc1e3b6aec8264924f3400ca63f5ce25eca041d2f092cbcab5a5b00f94131df15c741bc6b17dd162a0b309a97187942
SSDEEP

3072:BNwCrquaP24/h7Q22oWvjWn+V4t4jrv34CovCWfhalxqlemcosuF07SCv:/UhAoAZoLfhavql9copFBCv

Score

10^/10

koiloader discovery loader

Malware Config

Extracted

Family

koiloader

C2

http://217.156.66.15/gnathopoda.php

Attributes

payload_url
https://studiolegaledesanctis.eu/wp-content/uploads/2024/07

Targets

- Target
  
  supraoesophagealYdF.exe
- Size
  
  231KB
- MD5
  
  3826d6e4578b3fcf87accf5b7979103d
- SHA1
  
  47aa90bb8ac56a4a697e6750a4a980669d36a8aa
- SHA256
  
  7352af121cb003e2da20897a5da8f3bbb74e15294bbbb6223344318fb731f93a
- SHA512
  
  a88f1f13f9d2e1d63dac4266c65f8b5c8fc1e3b6aec8264924f3400ca63f5ce25eca041d2f092cbcab5a5b00f94131df15c741bc6b17dd162a0b309a97187942
- SSDEEP
  
  3072:BNwCrquaP24/h7Q22oWvjWn+V4t4jrv34CovCWfhalxqlemcosuF07SCv:/UhAoAZoLfhavql9copFBCv
Score

10^/10

koiloader discovery loader
- KoiLoader
  KoiLoader is a malware loader written in C++.
  loader koiloader
- Koiloader family
  koiloader
- Detects KoiLoader payload
  loader
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

koiloaderdiscoveryloader