General

  • Target

    bumblebee_mem.dll

  • Size

    1.0MB

  • Sample

    220831-w6wdaaaahr

  • MD5

    d94d97088907942eab80e9d721cc74d4

  • SHA1

    d30a5e340ca879ec6f523246a37c07c8292636e3

  • SHA256

    27eec32524f00af06cd618a775ef6510ca6d53ab56a9ca5fa7f1d79674be9d1f

  • SHA512

    6898ab5edf3fe5fd798f9922b4ab79cb0a57bbffd4e91b1e0e770c4d0783514cdfe0bd57f2c0955c686e423495a4c57b5bd5aafb87e74a21cdaf2cf92082fff2

  • SSDEEP

    24576:cx2ubccfCEN1Wpv9hOQn7G9Zx/tGggFQhrxtxcZqeoc:kTCyWN9QQnq9Zx/ZgShrxtyqeo

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

2908

C2

rc4.plain

Targets

    • Target

      bumblebee_mem.dll

    • Size

      1.0MB


    Score
    5/10
    • Suspicious use of NtCreateThreadExHideFromDebugger
