colibri | b1fc2855f5579f02ac6d03c2d20e85948e9609fd769389addb8ce5986b1f8ecd | Triage

Sharing

General

Target

b1fc2855f5579f02ac6d03c2d20e85948e9609fd769389addb8ce5986b1f8ecd
Size

181KB
Sample

240410-qtam6ace8s
MD5

5a571acd7cd29f4aaf3563d4b77a196f
SHA1

afd8f82b1f9ead6e865ce8c12c5b9185ffdeb2bb
SHA256

b1fc2855f5579f02ac6d03c2d20e85948e9609fd769389addb8ce5986b1f8ecd
SHA512

c79cb3597701d7c7c1fbde82d0b9826cf890c1c54d9a61116b0c88ec1f18fd15775004873f7fec8ebd0d1f5caaf826698e06fedad4c7a2c4c5985ffb2ffffd59
SSDEEP

3072:9GSrVqwQITouTpXo/OXu3AUF/pstBaDqwONnct437Bl3N2UL8n:DQwQSl4rQUF/p/uwONct43j92U

Score

10^/10

colibri traffic1 loader

Malware Config

Extracted

Family

colibri

Version

1.2.0

Botnet

traffic1

C2

http://188.130.139.47/gate.php

rc4.plain

Targets

- Target
  
  b1fc2855f5579f02ac6d03c2d20e85948e9609fd769389addb8ce5986b1f8ecd
- Size
  
  181KB
- MD5
  
  5a571acd7cd29f4aaf3563d4b77a196f
- SHA1
  
  afd8f82b1f9ead6e865ce8c12c5b9185ffdeb2bb
- SHA256
  
  b1fc2855f5579f02ac6d03c2d20e85948e9609fd769389addb8ce5986b1f8ecd
- SHA512
  
  c79cb3597701d7c7c1fbde82d0b9826cf890c1c54d9a61116b0c88ec1f18fd15775004873f7fec8ebd0d1f5caaf826698e06fedad4c7a2c4c5985ffb2ffffd59
- SSDEEP
  
  3072:9GSrVqwQITouTpXo/OXu3AUF/pstBaDqwONnct437Bl3N2UL8n:DQwQSl4rQUF/p/uwONct43j92U
Score

10^/10

colibri traffic1 loader
- Colibri Loader
  A loader sold as MaaS first seen in August 2021.
  loader colibri
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

colibritraffic1loader