koiloader | 164434e81da57b4e1f82572eb06c93ecb1ec9efd427892a4425e31ab37a8cbc3 | Triage

Submit
Reports

Overview

overview

Static

static

1

Chasebank_...eb.lnk

windows10-2004-x64

Sharing

General

Target

Chasebank_statement_feb.lnk
Size

3KB
Sample

240510-xstszace8v
MD5

7c362c0f48b3ccfd8e6b19c8c0027b5f
SHA1

05c23b1099393f18084ba766f79f7a04e92143af
SHA256

164434e81da57b4e1f82572eb06c93ecb1ec9efd427892a4425e31ab37a8cbc3
SHA512

7a5bc5ec05bff3121358a75030bfa9dd213d8145d51529f090d634fac1fbbf60e7384712e7aac4be68e85dcef5b6f13bcf2268d87fc9e57a9e687b7e5fb11c09

Score

10^/10

koiloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

Chasebank_statement_feb.lnk

Resource

win10v2004-20240426-en

koiloader execution loader

windows10-2004-x64

19 signatures

300 seconds

Malware Config

Extracted

Family

koiloader

C2

http://45.129.199.204/config.php

Attributes

payload_url
https://www.fuchs.com.sd/media/media/js

Targets

- Target
  
  Chasebank_statement_feb.lnk
- Size
  
  3KB
- MD5
  
  7c362c0f48b3ccfd8e6b19c8c0027b5f
- SHA1
  
  05c23b1099393f18084ba766f79f7a04e92143af
- SHA256
  
  164434e81da57b4e1f82572eb06c93ecb1ec9efd427892a4425e31ab37a8cbc3
- SHA512
  
  7a5bc5ec05bff3121358a75030bfa9dd213d8145d51529f090d634fac1fbbf60e7384712e7aac4be68e85dcef5b6f13bcf2268d87fc9e57a9e687b7e5fb11c09
Score

10^/10

koiloader execution loader
- KoiLoader
  KoiLoader is a malware loader written in C++.
  loader koiloader
- Detects KoiLoader payload
  loader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

JavaScript

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

koiloaderexecutionloader

© 2018-2024

Terms | Privacy