General
Target: 2025-04-30_c5b68c37255ca7ee311d8802ba6f71ae_cobalt-strike_elex_hellokitty
Size: 231KB
Sample: 250430-pblr2aaj2w
MD5: c5b68c37255ca7ee311d8802ba6f71ae
SHA1: 21a0814201f3092cd0fcc4ea4d8694533b796d57
SHA256: 2e389ed0b61501e08004f9d26c24879e7e7742a10b64674d823f6067478dcaf5
SHA512: 8f51adadf56465b1bdb3bdcdf6caea22e2ef2efee97d9d1d9f5a60936782d5045e4968355e6dba46d261d7b209877089e99f1b9f4925a6dd10a1d8bab51fd231
SSDEEP: 3072:xNwCrquaP24/h7Q22oWvjWn+V4t4jrv34CovCW/bbtXALX1JFCHZk5IGzn6k7SCv:vUhAoAZoLntXEX1CHZk+G0Cv
Static task
static1
Malware Config
Extracted
koiloader
http://82.118.16.176/punctulum.php
payload_url: https://maconsmallbusinesses.com/wp-content/uploads/2018/08
Targets
Target: 2025-04-30_c5b68c37255ca7ee311d8802ba6f71ae_cobalt-strike_elex_hellokitty
Koiloader family
Detects KoiLoader payload