bumblebee | bb[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

bb.dll

windows7-x64

bb.dll

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bb.dll

Resource

win7-20220812-en

bumblebee 1608 trojan

windows7-x64

2 signatures

30 seconds

Behavioral task

behavioral2

Sample

bb.dll

Resource

win10v2004-20220812-en

bumblebee 1608 trojan

windows10-2004-x64

2 signatures

30 seconds

General

Target

bb.bin
Size

1.1MB
MD5

da6feac8dff2a44784be3d078f2d4ac3
SHA1

c0f43d1d3e87b0e8b86b4b9e91cb55b4a1893b48
SHA256

9bd9da44cc2d259b8c383993e2e05bbe1bcdac917db563b94e824b4b1628e87c
SHA512

920b1ae2a1b33d7e6ece0524ced736ec0c03a8a8b6dea6efb6496ea429195d65cdd854879c62f6c17301613baa2d884199c5f197ef98610b330ef0d1e605980f
SSDEEP

24576:MYma2+MNU4NemNEfD/1npU9vsxR1RVOFRBDHn7:8NUxmOfD/1nyidRVOnBDHn

Score

10^/10

bumblebee

Malware Config

Extracted

Family

bumblebee

rc4.plain

Signatures

Bumblebee family
bumblebee

Files

bb.bin
.dll windows x64

83f847006bcd9e79aedb74fc499583c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

StrToIntA
StrChrA
PathFindFileNameW

kernel32

VirtualFree
lstrcpyA
lstrcmpA
lstrcatA
GetProcAddress
FreeLibrary
VirtualAlloc
GetCurrentThread
GetCurrentThreadId
CloseHandle
GetModuleHandleW
VirtualProtectEx
LoadLibraryA
GetModuleHandleA
VirtualQuery
lstrlenA
VirtualQueryEx
GetCurrentProcess
UnmapViewOfFile

Exports

Exports

rUBePLWjSQZC
setPath

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy