General

  • Target

    1400-116-0x0000000000400000-0x00000000004AF000-memory.dmp

  • Size

    700KB

  • MD5

    ffc215f17b4412649b8d94c9ae1d6959

  • SHA1

    25801ab1db4d328dceaf28f501087db622a81567

  • SHA256

    9d7a092141af4889c71430a54c11c318567aa2234404b55a7fa13ce1d22b3815

  • SHA512

    b46c56f90578e8d63cd2f6ab4b61386b2e26a5b3564ae5af1b4784d2434eaf625a0df68ae09e9ebdf6d14227bdce825ee0e30693e82f6b347b5d57756cbdef7a

  • SSDEEP

    3072:Ky6FohyMzQq/+HUFt/SDdFIOKfet/td8Hvf/IjoHFh:KfFohy4QqteIxfeNtfoH

Score
10/10

Malware Config

Extracted

Family

colibri

Version

1.4.1

Botnet

bot

C2

http://oraycdn.com/gate.php

rc4.plain

Signatures

  • Colibri family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1400-116-0x0000000000400000-0x00000000004AF000-memory.dmp
    .exe windows x86