bumblebee | dc8d175181567c20a63fc560a65693eaa619a4e19507c3bf489e41b9291949bf | Triage

Submit
Reports

Overview

overview

Static

static

Document#8375.html

windows7-x64

8

Document#8375.html

windows10-2004-x64

Sharing

General

Target

Document#8375.html
Size

1.4MB
Sample

221102-121vesegcj
MD5

ab6a29ba7e9af6e88eaf598b9dc9f007
SHA1

9b2b4dff41da2076684a85c844b51830250f93f9
SHA256

dc8d175181567c20a63fc560a65693eaa619a4e19507c3bf489e41b9291949bf
SHA512

4d917125fa600391bfb2b78cc13cd464128e1d1b00215874b05a6b9b5ec6c5ee9a5094648bebaea60ac7310806550d40c06e525f423766c0d172e5838f67d810
SSDEEP

24576:y80RC+iQXb11xsHj33Mp8iiG4s0ckOG2gRNj3o7JoJ5fHmXq:6Gobe3dH/nOrO9EWJFHB

Score

10^/10

bumblebee 0211r trojan

Static task

static1

Behavioral task

behavioral1

Sample

Document#8375.html

Resource

win7-20220812-en

windows7-x64

7 signatures

300 seconds

Behavioral task

behavioral2

Sample

Document#8375.html

Resource

win10v2004-20220901-en

bumblebee 0211r trojan

windows10-2004-x64

13 signatures

300 seconds

Malware Config

Extracted

Family

bumblebee

Botnet

0211r

C2

193.109.120.156:443

192.111.146.184:443

104.219.233.113:443

rc4.plain

Targets

- Target
  
  Document#8375.html
- Size
  
  1.4MB
- MD5
  
  ab6a29ba7e9af6e88eaf598b9dc9f007
- SHA1
  
  9b2b4dff41da2076684a85c844b51830250f93f9
- SHA256
  
  dc8d175181567c20a63fc560a65693eaa619a4e19507c3bf489e41b9291949bf
- SHA512
  
  4d917125fa600391bfb2b78cc13cd464128e1d1b00215874b05a6b9b5ec6c5ee9a5094648bebaea60ac7310806550d40c06e525f423766c0d172e5838f67d810
- SSDEEP
  
  24576:y80RC+iQXb11xsHj33Mp8iiG4s0ckOG2gRNj3o7JoJ5fHmXq:6Gobe3dH/nOrO9EWJFHB
Score

10^/10

bumblebee 0211r trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

bumblebee0211rtrojan

© 2018-2025

Terms | Privacy