{
  "name": "DOGE Binary Loader Indicators of Compromise",
  "slug": "doge-binary-loader-indicators-of-compromise",
  "description": "This intelligence document provides a list of Indicators of Compromise (IoCs) associated with the DOGE Binary Loader. It includes several malicious URLs hosted on the domain 'hilarious-trifle-d9182e.netlify.app' along with their corresponding SHA-256 hashes. The listed files include PowerShell scripts ('lootsubmit.ps1' and 'trackerjacker.ps1'), a PNG image ('qrcode.png'), and an executable ('ktool.exe'). These IoCs are crucial for identifying and mitigating potential infections related to the DOGE Binary Loader malware campaign.",
  "published": "2025-04-22T14:40:55+00:00",
  "created_at": "2025-04-22T14:40:55+00:00",
  "modified_at": "2025-04-22T20:47:21+00:00",
  "created_at_opencti": "2025-04-22T14:40:55+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2025-04-22",
    "doge binary loader",
    "ioc",
    "netlify",
    "powershell",
    "sha-256",
    "url"
  ],
  "related_entities": {
    "malware": [
      {
        "id": "c7c5d76f-bba7-4381-8455-724614b6a5e7",
        "name": "DOGE Binary Loader",
        "slug": "doge-binary-loader"
      }
    ],
    "attack_patterns": [
      {
        "id": "32b33067-6566-4b8d-be80-e96f765d84de",
        "name": "T1059.001"
      },
      {
        "id": "196f2a64-c55b-47a6-8e38-beb76ba700b6",
        "name": "T1204.002"
      },
      {
        "id": "926a888c-190c-4efb-ab6b-f9d7e6a0fc54",
        "name": "T1547"
      },
      {
        "id": "0c836307-129e-4ff7-a532-180c633cacba",
        "name": "T1027"
      }
    ]
  },
  "external_refs": [
    "https://documents.trendmicro.com/images/TEx/DOGE-Binary-Loader-IoCsfutsQEh.txt",
    "https://otx.alienvault.com/pulse/6807c697bf4aed9f93dbef55"
  ]
}