← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector
WHITE Tr1sa111 2025-02-27 Modified: 2025-03-28
25
IOCs
MEDIUM VOLUME
koi stealerstudio helperrustdoor c2cryptocurrenciesmacosaptrust
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Koi Stealer
Indicators of Compromise (3 / 25 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 254aad39a432ff0df2ce35cc4ff3578afe1dc1df SHA1 of baa676b671e771bf04b245e648f49516b338e1f49cbd9b4d237cc36d57ab858d 2025-02-27
FileHash-SHA1 5ec7497107478f08ca5018bf659f9340880c059c SHA1 of a900ec81363358ef26bcdf7827f6091af44c3f1001bc8f52b766c9569b56faa5 2025-02-27
FileHash-SHA1 a246db8fe1a4f385ed5e2eed5087a60fd2be6b5a SHA1 of 76f96a35b6f638eed779dc127f29a5b537ffc3bb7accc2c9bfab5a2120ea6bc9 2025-02-27
References (1)
↗ https://unit42.paloaltonetworks.com/macos-malware-targets-crypto-sector/