colibri | 47fd76d215a1b6352194258ec50a2fecd89d68995995d801d6040731d3e3a800 | Triage

Submit
Reports

Overview

overview

Static

static

7

9438b1bd80...4d.exe

windows7-x64

9438b1bd80...4d.exe

windows10-2004-x64

Sharing

General

Target

9438b1bd807138a06bd30d58f6b9d84d
Size

6.2MB
Sample

240206-jzv3qabec6
MD5

9438b1bd807138a06bd30d58f6b9d84d
SHA1

dae95568f3944b72d2c7e02eca17c8824f5abe54
SHA256

47fd76d215a1b6352194258ec50a2fecd89d68995995d801d6040731d3e3a800
SHA512

35de3b7a2c7aa490838f325c58f9d3d7bdc9f87e4aa640045c81762900b6662516c6de3111260731fd8b220da695e9546bea29a2fad6c6ecc0ce73c79fb5b67b
SSDEEP

196608:rhuDpBTVBvPr9oCHkPHGUxcXeuwu7XZNSstVIn1/7/Re:rhaBBBnrNcHGUaLwcuXn+

Score

10^/10

colibri loader vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9438b1bd807138a06bd30d58f6b9d84d.exe

Resource

win7-20231215-en

colibri loader vmprotect

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

9438b1bd807138a06bd30d58f6b9d84d.exe

Resource

win10v2004-20231215-en

colibri loader vmprotect

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

colibri

C2

http://80.92.205.102/gate.php

rc4.plain

Targets

- Target
  
  9438b1bd807138a06bd30d58f6b9d84d
- Size
  
  6.2MB
- MD5
  
  9438b1bd807138a06bd30d58f6b9d84d
- SHA1
  
  dae95568f3944b72d2c7e02eca17c8824f5abe54
- SHA256
  
  47fd76d215a1b6352194258ec50a2fecd89d68995995d801d6040731d3e3a800
- SHA512
  
  35de3b7a2c7aa490838f325c58f9d3d7bdc9f87e4aa640045c81762900b6662516c6de3111260731fd8b220da695e9546bea29a2fad6c6ecc0ce73c79fb5b67b
- SSDEEP
  
  196608:rhuDpBTVBvPr9oCHkPHGUxcXeuwu7XZNSstVIn1/7/Re:rhaBBBnrNcHGUaLwcuXn+
Score

10^/10

colibri loader vmprotect
- Colibri Loader
  A loader sold as MaaS first seen in August 2021.
  loader colibri
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

colibriloadervmprotect

behavioral2

colibriloadervmprotect

© 2018-2024

Terms | Privacy