Overview

overview

10

Static

static

7

0e78df6926...2f.exe

windows7-x64

10

0e78df6926...2f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0e78df69265dc57c37673bdee540ce2f

  • Size

    6.3MB

  • Sample

    231230-e3r31sdaap

  • MD5

    0e78df69265dc57c37673bdee540ce2f

  • SHA1

    a1231f08b5fca28fa29b6c9621cf01c4e82f3d95

  • SHA256

    6b74dc043f9a12823ed98d704e4c8543c9b5d8b9240e65e9d31d2303ab914906

  • SHA512

    5fadb364171434da14d9eeb608bea23ea1278a5a871c9613fdf97ac2bcf19d701b24d5bd85cc138a9cfd0226bac7babd2c46a7dedb70326f7bb57ff88dc084b0

  • SSDEEP

    196608:zfija2TcwZTDVO2Z6+CTV69Vd8hhWTGPr4uDt7T:GDOMCTQ4hhuE4uDxT

Score
10/10
colibriloadervmprotect

Malware Config

Extracted

Family

colibri

C2

http://94.103.80.169/gate.php

rc4.plain

Targets

    • Target

      0e78df69265dc57c37673bdee540ce2f

    • Size

      6.3MB

    • MD5

      0e78df69265dc57c37673bdee540ce2f

    • SHA1

      a1231f08b5fca28fa29b6c9621cf01c4e82f3d95

    • SHA256

      6b74dc043f9a12823ed98d704e4c8543c9b5d8b9240e65e9d31d2303ab914906

    • SHA512

      5fadb364171434da14d9eeb608bea23ea1278a5a871c9613fdf97ac2bcf19d701b24d5bd85cc138a9cfd0226bac7babd2c46a7dedb70326f7bb57ff88dc084b0

    • SSDEEP

      196608:zfija2TcwZTDVO2Z6+CTV69Vd8hhWTGPr4uDt7T:GDOMCTQ4hhuE4uDxT

    Score
    10/10
    colibriloadervmprotect

    • Colibri Loader

      A loader sold as MaaS first seen in August 2021.

      loadercolibri

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks