koiloader | f7a62de431dcf0a9450a9a5be8be9249bac9bc12541cb97ea41ba0d06a361409 | Triage

Submit
Reports

Overview

overview

Static

static

3

nagateliteqfUK.exe

windows7-x64

nagateliteqfUK.exe

windows10-1703-x64

Sharing

General

Target

nagateliteqfUK.exe
Size

178KB
Sample

240422-2c5bzshb63
MD5

42ed4a6d11b8601180ec24c63a77e6ee
SHA1

e77da3914f7af435584a4e60062d062a15c99902
SHA256

f7a62de431dcf0a9450a9a5be8be9249bac9bc12541cb97ea41ba0d06a361409
SHA512

bf7dd917cad57e7d16d9410cb59353edeb003cfbe398dd0e85b5229d2bae240af35847a85e1fae81bde7dc80a35a73442b28610e1c8b777a22afeab3a7cee196
SSDEEP

3072:TCmlA+2TGMF85+bkRG32foUP9GmPe97Uoxr/ud/Xj8mQXuNZ:WmlV4h8JG3QUz9/YXNQXuNZ

Score

10^/10

koiloader loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

nagateliteqfUK.exe

Resource

win7-20240221-en

koiloader loader

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

nagateliteqfUK.exe

Resource

win10-20240404-en

koiloader loader

windows10-1703-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

koiloader

C2

http://79.124.78.166/nitroglucose.php

Targets

- Target
  
  nagateliteqfUK.exe
- Size
  
  178KB
- MD5
  
  42ed4a6d11b8601180ec24c63a77e6ee
- SHA1
  
  e77da3914f7af435584a4e60062d062a15c99902
- SHA256
  
  f7a62de431dcf0a9450a9a5be8be9249bac9bc12541cb97ea41ba0d06a361409
- SHA512
  
  bf7dd917cad57e7d16d9410cb59353edeb003cfbe398dd0e85b5229d2bae240af35847a85e1fae81bde7dc80a35a73442b28610e1c8b777a22afeab3a7cee196
- SSDEEP
  
  3072:TCmlA+2TGMF85+bkRG32foUP9GmPe97Uoxr/ud/Xj8mQXuNZ:WmlV4h8JG3QUz9/YXNQXuNZ
Score

10^/10

koiloader loader
- KoiLoader
  KoiLoader is a malware loader written in C++.
  loader koiloader
- Detects KoiLoader payload
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

koiloaderloader

behavioral2

koiloaderloader

© 2018-2024

Terms | Privacy