colibri | f5fd02ebd2376fd1bc1ff121e9bfda618755a5c049edc8a4288eb67eb1cc7f9b | Triage

Sharing

General

Target

f5fd02ebd2376fd1bc1ff121e9bfda618755a5c049edc8a4288eb67eb1cc7f9b
Size

184KB
Sample

240410-sbpepsca74
MD5

ea8b7985d8d87460fa4576526c837260
SHA1

d164dcd8d7dd0d8eefc727f959c2a1502e6197f1
SHA256

f5fd02ebd2376fd1bc1ff121e9bfda618755a5c049edc8a4288eb67eb1cc7f9b
SHA512

0410569aecdf92680ec0db3955c10920e6a37f8f22822a52e4ae9f492f15b4e99c42fbf6c7496f6e71be344137518364bf86f332918ecd1d21d393b4b7908434
SSDEEP

3072:bwCHCyuae5vyTrOox8gU4oTuHVadDDrPN74ZIomYxoLmMJhKI:bwCHvua6ToxVPGDDz11onxoyo

Score

10^/10

colibri traffic1 loader

Malware Config

Extracted

Family

colibri

Version

1.2.0

Botnet

traffic1

C2

http://188.130.139.47/gate.php

rc4.plain

Targets

- Target
  
  f5fd02ebd2376fd1bc1ff121e9bfda618755a5c049edc8a4288eb67eb1cc7f9b
- Size
  
  184KB
- MD5
  
  ea8b7985d8d87460fa4576526c837260
- SHA1
  
  d164dcd8d7dd0d8eefc727f959c2a1502e6197f1
- SHA256
  
  f5fd02ebd2376fd1bc1ff121e9bfda618755a5c049edc8a4288eb67eb1cc7f9b
- SHA512
  
  0410569aecdf92680ec0db3955c10920e6a37f8f22822a52e4ae9f492f15b4e99c42fbf6c7496f6e71be344137518364bf86f332918ecd1d21d393b4b7908434
- SSDEEP
  
  3072:bwCHCyuae5vyTrOox8gU4oTuHVadDDrPN74ZIomYxoLmMJhKI:bwCHvua6ToxVPGDDz11onxoyo
Score

10^/10

colibri traffic1 loader
- Colibri Loader
  A loader sold as MaaS first seen in August 2021.
  loader colibri
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

colibritraffic1loader

behavioral2

colibritraffic1loader