General

  • Target

    2a.dll

  • Size

    1.0MB

  • Sample

    220824-p2r2qsdedn

  • MD5

    3421a06f8c85e0bfd0b2d7f5549809ba

  • SHA1

    139f7e359a72852f9d4f98d4e67104f14b597680

  • SHA256

    f4e0528ea9aa23b92e884db2dedfc8942e111034d548d0ad25111da592312d02

  • SHA512

    bafad1b1bf78c8d191575d76b4bae83307ef6eb7b84f353cb42f75008aaf9064ae94e45d5c421f6fa31172acaaf7d481135123873ce434d6b56d84284e531b7e

  • SSDEEP

    24576:y5gRQXtgtB3gieIBOf0OU9Zx/vqqsgy2Ye5hnwN+8Q:UetB7PBOf0F9Zx/9/y2YG9w

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

1808

C2

239.126.49.190:498

196.168.62.83:324

172.142.116.53:193

169.97.45.42:168

247.83.130.199:407

70.112.52.169:210

103.122.133.243:267

55.106.230.180:382

194.15.216.113:443

110.3.133.248:213

117.142.183.252:397

91.129.147.214:191

123.220.89.110:305

154.56.0.110:443

103.19.6.147:262

201.162.166.187:181

242.99.166.156:402

64.44.98.157:443

206.197.111.241:287

0.201.90.211:280

rc4.plain
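The 20 C2 entries above should not be consumed as-is. BumbleBee configurations have been reported to pad the C2 list with decoy addresses, and several entries on this page sit in address space that cannot host an Internet endpoint: 239.126.49.190 is in the multicast block 224.0.0.0/4, 247.83.130.199 and 242.99.166.156 are in the reserved block 240.0.0.0/4, and 0.201.90.211 is in 0.0.0.0/8. Blocking the list verbatim is harmless but noisy, and counting every entry as a confirmed indicator inflates the IOC set. The Python script below is an added example, not part of the sandbox report: it sorts the list into unroutable decoys and plausible candidates. Its input is the C2 list transcribed from this page; the classification of the address blocks is from the IANA special-purpose registry, while listing port-443 candidates first is a heuristic assumption about this family, not a verified property of this sample.

```python
"""Triage the C2 list from an extracted BumbleBee config.

Added example, not part of the sandbox report. Entries whose address lies in
space that cannot host an Internet endpoint are reported as decoys; the rest
are candidates, with port-443 entries listed first (a heuristic assumption).
"""
import ipaddress

# Constructed input: the C2 entries transcribed from this report's config.
C2_ENTRIES = [
    "239.126.49.190:498", "196.168.62.83:324", "172.142.116.53:193",
    "169.97.45.42:168", "247.83.130.199:407", "70.112.52.169:210",
    "103.122.133.243:267", "55.106.230.180:382", "194.15.216.113:443",
    "110.3.133.248:213", "117.142.183.252:397", "91.129.147.214:191",
    "123.220.89.110:305", "154.56.0.110:443", "103.19.6.147:262",
    "201.162.166.187:181", "242.99.166.156:402", "64.44.98.157:443",
    "206.197.111.241:287", "0.201.90.211:280",
]

# IPv4 blocks that no Internet host answers from (IANA special-purpose
# registry). Checked explicitly rather than via ip.is_global so the result
# does not depend on the Python version's notion of "global".
UNROUTABLE = {
    "this-network 0.0.0.0/8": ipaddress.ip_network("0.0.0.0/8"),
    "multicast 224.0.0.0/4": ipaddress.ip_network("224.0.0.0/4"),
    "reserved 240.0.0.0/4": ipaddress.ip_network("240.0.0.0/4"),
}


def parse_entry(entry):
    """Split 'ip:port' into (IPv4Address, int). Raises on malformed input."""
    host, sep, port = entry.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 entry: {entry!r}")
    return ipaddress.ip_address(host), int(port)


def reason_unroutable(ip):
    """Return why `ip` cannot be a live C2, or None if it is plausibly routable."""
    for label, net in UNROUTABLE.items():
        if ip in net:
            return label
    if ip.is_private or ip.is_loopback or ip.is_link_local:
        return "private/loopback/link-local"
    return None


def triage(entries, likely_ports=(443,)):
    """Return (decoys, candidates).

    decoys: list of (entry, reason) for unroutable addresses.
    candidates: entries that could be real, stable-sorted so those on
    `likely_ports` come first. Assumption: live BumbleBee C2s tend to use
    443; this only orders the list, it does not confirm any entry.
    """
    decoys, candidates = [], []
    for entry in entries:
        ip, port = parse_entry(entry)
        why = reason_unroutable(ip)
        if why:
            decoys.append((entry, why))
        else:
            candidates.append((entry, port))
    candidates.sort(key=lambda c: c[1] not in likely_ports)  # stable sort
    return decoys, [entry for entry, _ in candidates]


if __name__ == "__main__":
    decoys, candidates = triage(C2_ENTRIES)
    print(f"{len(decoys)} decoy entries (unroutable):")
    for entry, why in decoys:
        print(f"  {entry:<22} {why}")
    print(f"{len(candidates)} candidate entries (port-443 first):")
    for entry in candidates:
        print(f"  {entry}")
```

On this page's list the script reports four unroutable decoys and sixteen candidates. The remaining sixteen are still unverified: a routable address in the config is only a lead until network telemetry or a live detonation shows the sample actually contacting it, and 196.168.62.83 (which looks like a mistyped RFC 1918 address but is allocated public space) is a reminder that "routable" is the floor, not proof.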

Targets

    • Target

      2a.dll

    • Size

      1.0MB

    • MD5

      3421a06f8c85e0bfd0b2d7f5549809ba

    • SHA1

      139f7e359a72852f9d4f98d4e67104f14b597680

    • SHA256

      f4e0528ea9aa23b92e884db2dedfc8942e111034d548d0ad25111da592312d02

    • SHA512

      bafad1b1bf78c8d191575d76b4bae83307ef6eb7b84f353cb42f75008aaf9064ae94e45d5c421f6fa31172acaaf7d481135123873ce434d6b56d84284e531b7e

    • SSDEEP

      24576:y5gRQXtgtB3gieIBOf0OU9Zx/vqqsgy2Ye5hnwN+8Q:UetB7PBOf0F9Zx/9/y2YG9w

    Score
    5/10
    • Suspicious use of NtCreateThreadExHideFromDebugger
      (a thread created via NtCreateThreadEx with THREAD_CREATE_FLAGS_HIDE_FROM_DEBUGGER, 0x4, in its flags generates no debug events, so an attached debugger never sees it; an anti-analysis technique)

MITRE ATT&CK Matrix

Tasks