General

  • Target

    mal.zip

  • Size

    691KB

  • Sample

    221010-p679hsbha2

  • MD5

    d2bc7c2e9343e3f8313d643973fc1a56

  • SHA1

    bea9bdef3488cc68c1f56318944455b2f5e31387

  • SHA256

    24d8eb96c5ee83d949fe90862186b38b3c2a477e6da66f133a3f55fbb45dd8a6

  • SHA512

    bda03f11cc560c853def3718d4bdac170c0667d00811d54efd13b3a240d53b869b5cef9545218f279fa96b03e7b86b7677cbcf69b176f4e9e37bd403f8967dae

  • SSDEEP

    12288:wIEAKvmWwvGQw5e7+hcVN3JAPUu4K4yXwuu2Q8PY8bbZoUsUkSSCzRuip60fWkId:wpmWUXwWN3JAMub4MQ8w8bpsUkqzRuiO

Score
10/10

Malware Config

Extracted

  • Family

    bumblebee

  • Botnet

    2609

  • C2

    209.141.48.135:443
    142.11.241.215:443
    146.59.116.77:443

  • rc4.plain

Targets

    • Target

      mdmerge.exe

    • Size

      1.3MB

    • MD5

      75eb7d1e29722366de9e6fe8f38fb8be

    • SHA1

      e8fc305c69054bbffdcbdae51b0fc7a36cb9660c

    • SHA256

      ea9652be1d5a389a257a899049089006213d01a89a645b69673dc8f623a548b8

    • SHA512

      119e5012deaeca3be956c916ebaa3c22bb1ffe463f3ce3d5e78c8c75002c0ab3e5e98a992a1ffdf510105a26fcf00ffca1d3b4f8343040971308554e779327c2

    • SSDEEP

      24576:8uSJZgQhdf781ZH0hJrHb0Fm9Zx/h/oJLv8jtZXGiFpnU7:Ow1uhJrHYm9Zx/G1v8jDXZF8

    Score
    5/10
    • Suspicious use of NtCreateThreadExHideFromDebugger
