2025-07-08 (TUESDAY): KOI LOADER/KOI STEALER INFECTION

NOTES:

• Zip files are password-protected.  Of note, this site has a new password scheme.  For the password, see the "about" page of this website.

ASSOCIATED FILES:

• 2025-07-08-IOCs-from-Koi-Loader-Koi-Stealer-infection.txt.zip   1.5 kB   (1,496 bytes)
• 2025-07-08-traffic-from-Koi-Loader-Koi-Stealer-infection.pcap.zip   48.7 MB   (48,724,056 bytes)
• 2025-07-08-malware-from-Koi-Loader-Koi-Stealer-infection.zip   8.5 kB   (8,467 bytes)

 

IMAGES

Shown above:  Retrieving the initial zip archive for this infection.

 

Shown above:  Traffic from the infection filtered in Wireshark.

 

 

Click here to return to the main page.