General

  • Target

    sd2.ps1

  • Size

    466KB

  • Sample

    250425-ll3azsstez

  • MD5

    7a441a7e686aa409412f220e4a50b7d1

  • SHA1

    eb8ef763e195ba723bbc37aad06a50467387dd43

  • SHA256

    b29edac39c00705b647db6ab0539aeaddcca3abd91cda4b8a68c75ee6318206c

  • SHA512

    05e45814569082e47ab31c072ab119748827f54508eac004a093f6114fdbe8eefbd17bf754d57d8f48b3d6836a07c4826b46b2ae6f995bd1cb66e52de1e45cf6

  • SSDEEP

    6144:f4m3IVr1QxZ8Pv9b3zzxFifMPbWkE1o08246c+nu2KTHZ70wdPX5OUG6jPjtPWyC:gmYVexdM2ol2jS7Rnh5uwszO6eM19L++

Targets

    • Target

      sd2.ps1

    • Size

      466KB

    • KoiStealer

      KoiStealer is an infostealer written in C#.

    • KoiStealer family

    • Detects KoiStealer payload

    • Blocklisted process makes network request
