Overview

overview

10

Static

static

10

out.dll

windows7-x64

5

out.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    out.dll

  • Size

    1.0MB

  • Sample

    220901-yb6xmsccb8

  • MD5

    0c8ef56d0e023dc3fcff82f85a942bc7

  • SHA1

    d1ef37a9997f3df7c00b42a5b77cf5d7e273be16

  • SHA256

    1f9e55d62093ddcf81cf26088a3fcbda001cf76bae9ab57ad14c6875ebdcec5b

  • SHA512

    7315e71f47537605ad2ff7daa044ed7456af5c9aaa935f641b7116c0c8c8086909ea457f752e25c823fbf9f9391749872b5bae44bc5f9c9e75dc5393a5ca572f

  • SSDEEP

    24576:cx2ubccfCEN1Wpv9hOQn7G9Zx/tGggFQhrxtxcZfeoX:kTCyWN9QQnq9Zx/ZgShrxtyfeo

Score
10/10
bumblebee0109

Malware Config

Extracted

Family

bumblebee

Botnet

0109

C2

3.96.133.190:425

2.64.146.54:483

146.19.173.173:443

124.190.135.42:475

171.85.18.1:171

167.3.253.206:327

105.221.217.130:420

87.205.249.98:424

34.125.112.132:378

241.107.31.54:327

232.8.38.144:246

52.70.202.153:421

248.233.210.1:241

35.198.208.19:401

168.185.24.232:389

157.82.90.180:269

118.175.154.106:167

144.90.37.132:300

198.98.52.145:443

62.226.23.100:125
rc4.plain

Targets

    • Target

      out.dll

    • Size

      1.0MB

    • MD5

      0c8ef56d0e023dc3fcff82f85a942bc7

    • SHA1

      d1ef37a9997f3df7c00b42a5b77cf5d7e273be16

    • SHA256

      1f9e55d62093ddcf81cf26088a3fcbda001cf76bae9ab57ad14c6875ebdcec5b

    • SHA512

      7315e71f47537605ad2ff7daa044ed7456af5c9aaa935f641b7116c0c8c8086909ea457f752e25c823fbf9f9391749872b5bae44bc5f9c9e75dc5393a5ca572f

    • SSDEEP

      24576:cx2ubccfCEN1Wpv9hOQn7G9Zx/tGggFQhrxtxcZfeoX:kTCyWN9QQnq9Zx/ZgShrxtyfeo

    Score
    5/10

    • Suspicious use of NtCreateThreadExHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks