General
-
Target
7439706138.zip
-
Size
1.0MB
-
Sample
220520-gjbm2acfg6
-
MD5
4f4ea76c739c00e30282a391c75a8992
-
SHA1
72a8f2f420b0da1f5f81543779f751d33bf8b86a
-
SHA256
6e8068da509a8c2d2672a67f7b876fb0e67729e3d907cd2ec493e3e099b12a57
-
SHA512
881b2781bc2bd7e16a29ded8eaebe8e9f20b4db0c25981fa746e131e584c84c68ddef3c51e75288bfca22f4eb2dfa2d92d37c96ab20358694397902a9c1aecf0
Behavioral task
behavioral1
Sample
Attachments.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Attachments.dll
Resource
win10v2004-20220414-en
Behavioral task
behavioral3
Sample
Attachments.lnk
Resource
win7-20220414-en
Behavioral task
behavioral4
Sample
Attachments.lnk
Resource
win10v2004-20220414-en
Malware Config
Extracted
bumblebee
VPS1GROUP
23.82.19.208:443
Targets
-
-
Target
Attachments.dat
-
Size
2.2MB
-
MD5
e6a046d1baa7cd2100bdf48102b8a144
-
SHA1
a7838aa4f42c95ee245f9b62d2c894a4c2067894
-
SHA256
08cd6983f183ef65eabd073c01f137a913282504e2502ac34a1be3e599ac386b
-
SHA512
3d7cad15f9577926af9ee100d71fbf50a9f70c681d4735836a668b83828c97e63e514e78c9b64b2f328ae352a852d6e4053413888342d16196652c7d6283d242
Score8/10-
Blocklisted process makes network request
-
-
-
Target
Attachments.lnk
-
Size
1KB
-
MD5
cac3161c21fc24e8530ad189835f7d68
-
SHA1
f58e9d6ade2e933bb379ce5fb44e0fa4c598ba63
-
SHA256
96a0a7ee73984d9a2ed785ff822d090549769c16feed09d31322d9a36f53f856
-
SHA512
f961379e0d9085911f0dcee94521ded6aab34babb9ab824db221256d3f73bcbcab7795ddf26f5d11c80a7e15948c68241fab2e83ad2e678088045d65528e9a41
Score8/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-