Extracted

• • Target

    projectr.dll

  • Size

    1.8MB

  • MD5

    996df34af37534606d59b126eafe0dcb

  • SHA1

    f1d3f199ee1aa2ff917b76ad41a64a2a6771f198

  • SHA256

    1abd17b10f565bbae870ecc1634cd3c15e80f5d001f748bc112d000e67093669

  • SHA512

    462de3cb0029777103d1fe93b7fc2f190033f2ac669c48724853d544f532d2f28c6439e7f198fb1e336145f354ef589b0922c355c7eedab2995d1b37604d03a4

  Score

  10^/10

  bumblebee236aevasiontrojan

  • BumbleBee

    BumbleBee is a webshell malware written in C++.

    trojanbumblebee

  • Enumerates VirtualBox registry keys

    evasion

  • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    evasion

  • Looks for VirtualBox Guest Additions in registry

    evasion

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Identifies Wine through registry keys

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    evasion
  behavioral1behavioral2