bumblebee | 1328-54-0x0000000001F30000-0x0000000002079000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1328-54-0x...ry.dll

windows7-x64

1

1328-54-0x...ry.dll

windows10-2004-x64

1

Sharing

Static task

static1

0311t2 bumblebee

1 signatures

Behavioral task

behavioral1

Sample

1328-54-0x0000000001F30000-0x0000000002079000-memory.dll

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1328-54-0x0000000001F30000-0x0000000002079000-memory.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1328-54-0x0000000001F30000-0x0000000002079000-memory.dmp
Size

1.3MB
MD5

535d24b3c4b6742fe3ea91a2007ddc0d
SHA1

e7bc5dda5de048f2901a95b886cefbf5f93e2137
SHA256

f4f2fe9dde0911af608b3e7cc5e2b583d0af7ac32cb93a4aef4443f32e107d21
SHA512

7587afeed5478ae9037cf4c0a5c36f9be4d2f7037323bffe4461f5db8fb6de00da26f2cbc938f8b5de5f6b0fd2a218d816873cdd7d50149ba5f233ce782f545f
SSDEEP

24576:9pgBtVlZ+jZ3YFVTmHPtU69Zx/NIt1FMbV7b334a:bl3cRi159Zx/N6LMbVn3

Score

10^/10

0311t2 bumblebee

Malware Config

Extracted

Family

bumblebee

Botnet

0311t2

C2

39.65.8.170:443

103.144.139.156:443

107.189.30.231:443

91.245.254.101:443

194.135.33.127:443

rc4.plain

Signatures

Bumblebee family
bumblebee

Files

1328-54-0x0000000001F30000-0x0000000002079000-memory.dmp
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 806KB - Virtual size: 805KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy