bumblebee | 1124-90-0x0000000002570000-0x0000000002687000-memory[.]dmp

General

Target

1124-90-0x0000000002570000-0x0000000002687000-memory.dmp
Size

1.1MB
MD5

9b86f89877aff6ef3dcf4e69b9c69ad2
SHA1

db86aad6944ef87ca5f23a913f556c52467c8ad4
SHA256

8324c4eb3b44c1d75d61f9b72e4b84881adf863441ff4d49985b8c9ab6417aaf
SHA512

a4c3446fa889ee906c15990bc3b1f855aad35d70981078653f0e772aa14c01863100362ba9e06cb5f65d5037b76150b74e7b00d6bafc1b733dcecb76aeab25d9
SSDEEP

24576:J3U9FU5g/dAFCeycmdopdEfrVDN6kjhfK9:k/OpycmYUpDN6kjF

Score

10^/10

146l bumblebee

Malware Config

Extracted

Family

bumblebee

Botnet

146l

C2

242.165.212.79:339

162.144.249.150:239

63.122.120.151:268

144.52.138.51:193

18.215.29.142:436

115.239.67.202:380

255.11.235.99:426

213.203.201.199:307

143.117.20.123:425

141.98.168.70:443

174.150.214.40:426

133.133.249.24:204

126.68.7.249:422

103.175.16.107:443

146.70.124.77:443

154.56.0.100:443

180.184.129.160:223

28.78.74.145:427

108.28.254.44:399

115.103.22.1:153

rc4.plain

Signatures

Bumblebee family
bumblebee

Files

1124-90-0x0000000002570000-0x0000000002687000-memory.dmp
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 670KB - Virtual size: 670KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 670KB - Virtual size: 670KB

.rdata Size: 282KB - Virtual size: 281KB

.data Size: 75KB - Virtual size: 98KB

.pdata Size: 35KB - Virtual size: 35KB

.gfids Size: 2KB - Virtual size: 2KB

.tls Size: 5KB - Virtual size: 4KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 670KB - Virtual size: 670KB

.rdata
Size: 282KB - Virtual size: 281KB

.data
Size: 75KB - Virtual size: 98KB

.pdata
Size: 35KB - Virtual size: 35KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 5KB - Virtual size: 4KB

.reloc
Size: 6KB - Virtual size: 5KB