General

  • Target

    LdrAddx64.dll

  • Size

    1.1MB

  • Sample

    220909-jglfkadfgn

  • MD5

    78796148afc0a3218f4ce6c9aacc429c

  • SHA1

    cd5c762a8ce9fb69bd24531de0588a689fe76f0e

  • SHA256

    0b0a5f3592df7b538b8d8db4ba621b03896f27c9f112b88d56761972b03e6e58

  • SHA512

    93cce3ceade3a0a5b353db486bf5119a257e0899b744737bc2b6d6313b8a0cb313059ecb106a3f072c1103129c73f76506fa2b753297cf8a3b4e8b342a4855da

  • SSDEEP

    24576:nPbd7OXoxkXTfxUXIeUu3MWXA0FaRaayXd0:MocTxUXX35XbFivyX

Score
10/10

Malware Config

Extracted

Family

bumblebee

rc4.plain

Extracted

Family

bumblebee

Botnet

1508

C2

rc4.plain

Targets

    • BumbleBee

      BumbleBee is a webshell malware written in C++.

    • Suspicious use of NtCreateThreadExHideFromDebugger
