colibri | f092f8fc7c43aa626dda15580c760dffe41e17e03f5fe7fc50696baf36e0ffa0

Analysis

max time kernel
99s
max time network
89s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
08-02-2023 11:53

Target

093e6f5269af9c0bc8ab1c8209e096946bf8738489fa4cdef91f9c812e5db96b.exe
Size

18KB
MD5

a488f87ae6df46c70b00feef75571230
SHA1

595647989366986eea2046756d8aa273beda8f4e
SHA256

093e6f5269af9c0bc8ab1c8209e096946bf8738489fa4cdef91f9c812e5db96b
SHA512

ebcf65ac90406a6208c5ff56dda96eb1db5e3162658b1c7ac151fc3948c87e2930a872b6a2cf861309734a10662602eadb58e30109b366b377e4a2d97ef0db99
SSDEEP

384:YYZ6xLj3OQPScLGC7n60Pc+SXlekhBVvM8SIg:rZO3eLK57hE+ylekh7v

Score

10^/10

colibri bot loader

Family

colibri

Version

1.3.0

Botnet

bot

http://176.113.115.240/gate.php

rc4.plain

Colibri Loader
A loader sold as MaaS first seen in August 2021.
loader colibri

C:\Users\Admin\AppData\Local\Temp\093e6f5269af9c0bc8ab1c8209e096946bf8738489fa4cdef91f9c812e5db96b.exe
"C:\Users\Admin\AppData\Local\Temp\093e6f5269af9c0bc8ab1c8209e096946bf8738489fa4cdef91f9c812e5db96b.exe"
1⤵
PID:2012

memory/2012-54-0x0000000075D61000-0x0000000075D63000-memory.dmp

Filesize
8KB

Download
memory/2012-55-0x00000000009C0000-0x00000000009C7000-memory.dmp

Filesize
28KB

Download