General

  • Target

    2025-04-30_c5b68c37255ca7ee311d8802ba6f71ae_cobalt-strike_elex_hellokitty

  • Size

    231KB

  • Sample

    250430-pblr2aaj2w

  • MD5

    c5b68c37255ca7ee311d8802ba6f71ae

  • SHA1

    21a0814201f3092cd0fcc4ea4d8694533b796d57

  • SHA256

    2e389ed0b61501e08004f9d26c24879e7e7742a10b64674d823f6067478dcaf5

  • SHA512

    8f51adadf56465b1bdb3bdcdf6caea22e2ef2efee97d9d1d9f5a60936782d5045e4968355e6dba46d261d7b209877089e99f1b9f4925a6dd10a1d8bab51fd231

  • SSDEEP

    3072:xNwCrquaP24/h7Q22oWvjWn+V4t4jrv34CovCW/bbtXALX1JFCHZk5IGzn6k7SCv:vUhAoAZoLntXEX1CHZk+G0Cv

Malware Config

Extracted

Family

koiloader

C2

http://82.118.16.176/punctulum.php

Attributes
  • payload_url

    https://maconsmallbusinesses.com/wp-content/uploads/2018/08

