colibri | 9d7a092141af4889c71430a54c11c318567aa2234404b55a7fa13ce1d22b3815 | Triage

Sharing

General

Target

1400-116-0x0000000000400000-0x00000000004AF000-memory.dmp
Size

700KB
Sample

230615-tjxxgsac81
MD5

ffc215f17b4412649b8d94c9ae1d6959
SHA1

25801ab1db4d328dceaf28f501087db622a81567
SHA256

9d7a092141af4889c71430a54c11c318567aa2234404b55a7fa13ce1d22b3815
SHA512

b46c56f90578e8d63cd2f6ab4b61386b2e26a5b3564ae5af1b4784d2434eaf625a0df68ae09e9ebdf6d14227bdce825ee0e30693e82f6b347b5d57756cbdef7a
SSDEEP

3072:Ky6FohyMzQq/+HUFt/SDdFIOKfet/td8Hvf/IjoHFh:KfFohy4QqteIxfeNtfoH

Score

10^/10

colibri bot

Malware Config

Extracted

Family

colibri

Version

1.4.1

Botnet

bot

C2

http://oraycdn.com/gate.php

rc4.plain

Targets

- Target
  
  1400-116-0x0000000000400000-0x00000000004AF000-memory.dmp
- Size
  
  700KB
- MD5
  
  ffc215f17b4412649b8d94c9ae1d6959
- SHA1
  
  25801ab1db4d328dceaf28f501087db622a81567
- SHA256
  
  9d7a092141af4889c71430a54c11c318567aa2234404b55a7fa13ce1d22b3815
- SHA512
  
  b46c56f90578e8d63cd2f6ab4b61386b2e26a5b3564ae5af1b4784d2434eaf625a0df68ae09e9ebdf6d14227bdce825ee0e30693e82f6b347b5d57756cbdef7a
- SSDEEP
  
  3072:Ky6FohyMzQq/+HUFt/SDdFIOKfet/td8Hvf/IjoHFh:KfFohy4QqteIxfeNtfoH
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2