General

  • Target

    bumble_out.dll

  • Size

    1.0MB

  • Sample

    220826-yb29fsggcr

  • MD5

    bc0e627f4e46c8dcb659d3a0efd1da08

  • SHA1

    78cc22d281f5342c145c79a3a7e3a3d9b3436486

  • SHA256

    30473aa64d32098092e8a7df7300eb5728a4f8098944c80fc8afcf021033c941

  • SHA512

    87617cea23bb9e3fa90fb8f440f9e9c94cd1049088b3b1a73b4fabbb39f351d68352b09427eda354f8080f8e972ad46322c54c7f656ea115ff4b37d4360a7e38

  • SSDEEP

    24576:PypQl0cbcgxyhtSNT53d+nPodJ9Zx/dGEgyacTUYhZGpvf4u:/0g4tET53d8PoX9Zx/FxacTUwGp

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

2508

C2

rc4.plain

Targets

    • Target

      bumble_out.dll

    • Size

      1.0MB

    Score
    5/10
    • Suspicious use of NtCreateThreadExHideFromDebugger
