General

  • Target

    ixul595rs24.dll

  • Size

    2.7MB

  • Sample

    221006-ymg3naadb8

  • MD5

    b8f5afe2dca3fb275b6aefdf3b8f93ae

  • SHA1

    899a3d951cedf418f29079783c757d81d75100e0

  • SHA256

    a0ef27df11265b6574151454bd072b2854b26512fa7be152e3ddd316833408c9

  • SHA512

    e61ad032275b5f4d3d414aaaba3b4586769a7eeced4d0b22bcad8411c5a86c35259e2189d06fcb31c8b40ecb16b3ab4568c7c3639512b5d7a66c1ec286be8067

  • SSDEEP

    49152:Iku3WPxBbNN4N0Gaav8mCEgvys3FGMR47KrHxmEt3qX:kqlxC6E3s3JC7KwEtK

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

0610

C2

rc4.plain

Targets

    • Target

      ixul595rs24.dll

    • BumbleBee

      BumbleBee is a webshell malware written in C++.

    • Loads dropped DLL

    • Suspicious use of NtCreateThreadExHideFromDebugger
