bumblebee | bumblebeepayload[.]txt | Triage

Submit
Reports

Overview

overview

Static

static

bumblebeepayload.dll

windows7-x64

bumblebeepayload.dll

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bumblebeepayload.dll

Resource

win7-20220812-en

bumblebee 2408 trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

bumblebeepayload.dll

Resource

win10v2004-20220812-en

bumblebee 2408 trojan

windows10-2004-x64

2 signatures

150 seconds

General

Target

bumblebeepayload.txt
Size

1.1MB
MD5

1b83c062f95066dbbb9a11e10dbef1da
SHA1

13d59b078eb8e200ea398038550441cd5a844c8a
SHA256

1b26c2a0a53fb807a0decf7118704ca03a1eb1728e29c4f84f9886ca8ab1f021
SHA512

5b2bc43dbf0d06570739081413e3e46d5d2012eaef9ce71f04b53aeff6eccb826c74d7cc3724fd158ad5cd738441091ea09087056cd06c21358986c8973626e7
SSDEEP

24576:S5gRQXtgtB3gieIBOf0OU9Zx/vqqsgy2Ye5hnw49Q:0etB7PBOf0F9Zx/9/y2YG9w

Score

10^/10

bumblebee

Malware Config

Extracted

Family

bumblebee

rc4.plain

Signatures

Bumblebee family
bumblebee

Files

bumblebeepayload.txt
.dll windows x64

83f847006bcd9e79aedb74fc499583c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

StrToIntA
StrChrA
PathFindFileNameW

kernel32

VirtualFree
lstrcpyA
lstrcmpA
lstrcatA
GetProcAddress
FreeLibrary
VirtualAlloc
GetCurrentThread
GetCurrentThreadId
CloseHandle
GetModuleHandleW
VirtualProtectEx
LoadLibraryA
GetModuleHandleA
VirtualQuery
lstrlenA
VirtualQueryEx
GetCurrentProcess
UnmapViewOfFile

Exports

Exports

eJqlJBHewkXi
setPath

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy