Overview

overview

10

Static

static

10

out.dll

windows7-x64

5

out.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    out.dll

  • Size

    1.0MB

  • Sample

    220824-xa1hsshefn

  • MD5

    40cedc7e500033ef29be123ad0468020

  • SHA1

    8582e273151c56dc4888bc590cdb0c884487eead

  • SHA256

    c193c7ad0c5b19fc56c8a81ef11eb89efa6fa32c9091a12530bfc2d5ea14ca6a

  • SHA512

    7718f821ecef9773bbe96ad7d069b41bed9bcd4c443092b58935fc7b560d0787ddfd1a277f29bfba5d66c6ded5b1bc34908847692c47493e2d19f193b0ec4633

  • SSDEEP

    24576:y5gRQXtgtB3gieIBOf0OU9Zx/vqqsgy2Ye5hnw49Q:UetB7PBOf0F9Zx/9/y2YG9w

Score
10/10
bumblebee2408

Malware Config

Extracted

Family

bumblebee

Botnet

2408

C2

108.30.109.238:341

107.21.49.73:412

212.227.199.94:119

26.88.252.40:148

217.243.85.139:190

50.20.147.145:346

115.58.47.223:480

150.158.205.226:428

222.132.86.189:463

112.102.174.20:379

94.49.121.33:341

131.233.140.11:104

85.118.251.137:412

183.89.9.91:295

219.98.254.216:386

33.218.244.230:266

29.167.160.212:332

78.193.54.213:166

86.214.84.193:173

98.206.43.235:371
rc4.plain

Targets

    • Target

      out.dll

    • Size

      1.0MB

    • MD5

      40cedc7e500033ef29be123ad0468020

    • SHA1

      8582e273151c56dc4888bc590cdb0c884487eead

    • SHA256

      c193c7ad0c5b19fc56c8a81ef11eb89efa6fa32c9091a12530bfc2d5ea14ca6a

    • SHA512

      7718f821ecef9773bbe96ad7d069b41bed9bcd4c443092b58935fc7b560d0787ddfd1a277f29bfba5d66c6ded5b1bc34908847692c47493e2d19f193b0ec4633

    • SSDEEP

      24576:y5gRQXtgtB3gieIBOf0OU9Zx/vqqsgy2Ye5hnw49Q:UetB7PBOf0F9Zx/9/y2YG9w

    Score
    5/10

    • Suspicious use of NtCreateThreadExHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks